WebKit-https.git
sbarati@apple.com [Fri, 22 Feb 2019 04:21:54 +0000 (04:21 +0000)]
Update JSScript SPI based on feedback
https://bugs.webkit.org/show_bug.cgi?id=194517

Reviewed by Keith Miller.

This patch updates the JSScript SPI in the following ways:
- JSScript can now represent both modules and programs. This is a property
of the script determined during creation.
- JSScript now takes a sourceURL during construction. For modules, this acts
as the module identifier.
- JSScript now has SPI for writing the cache out to disk. We don't do this
automatically.
- JSScript will load the bytecode cache on creation if it exists.
- We retrofit these new requirements on the prior JSScript SPI that
we're going to remove as soon as we can: https://bugs.webkit.org/show_bug.cgi?id=194909.
Previous SPI assumes all JSScripts are modules. Previous SPI also assigns
a sourceURL to the JSScript based on what the module loader decided the
identifier should be. We'll remove this once we remove the old SPI.

This patch also adds SPI to JSContext to evaluate a JSScript. For modules,
this is like returning the result of doing dynamic import. For programs,
this does normal program evaluation.

This patch also fixes a bug in generateBytecode/generateModuleBytecode where
we would try to cache the bytecode even if recursivelyGenerateUnlinkedCodeBlock
returned null. E.g., if the script had a syntax error.

When writing tests, I also discovered that someone previously broke
testapi. This patch also fixes those failures. They were broken when
we switched to using a testapiScripts directory to hold our test .js
scripts.

* API/JSAPIGlobalObject.h:
* API/JSAPIGlobalObject.mm:
(JSC::JSAPIGlobalObject::moduleLoaderResolve):
(JSC::JSAPIGlobalObject::moduleLoaderFetch):
(JSC::JSAPIGlobalObject::loadAndEvaluateJSScriptModule):
* API/JSBase.cpp:
(JSEvaluateScriptInternal):
(JSEvaluateScript):
* API/JSBaseInternal.h: Added.
* API/JSContext.mm:
(-[JSContext evaluateScript:withSourceURL:]):
(-[JSContext evaluateJSScript:]):
* API/JSContextPrivate.h:
* API/JSScript.h:
* API/JSScript.mm:
(+[JSScript scriptWithSource:inVirtualMachine:]):
(+[JSScript scriptFromASCIIFile:inVirtualMachine:withCodeSigning:andBytecodeCache:]):
(createError):
(+[JSScript scriptOfType:inVirtualMachine:withSourceURL:andSource:andBytecodeCache:error:]):
(+[JSScript scriptOfType:inVirtualMachine:memoryMappedFromASCIIFile:withSourceURL:andBytecodeCache:error:]):
(-[JSScript cacheBytecodeWithError:]):
(-[JSScript sourceURL]):
(-[JSScript type]):
(-[JSScript jsSourceCode]):
(-[JSScript writeCache:]):
(-[JSScript setSourceURL:]):
(-[JSScript forceRecreateJSSourceCode]):
(-[JSScript writeCache]): Deleted.
(-[JSScript jsSourceCode:]): Deleted.
* API/JSScriptInternal.h:
* API/tests/FunctionOverridesTest.cpp:
(testFunctionOverrides):
* API/tests/testapi.c:
(main):
* API/tests/testapi.mm:
(tempFile):
(testModuleBytecodeCache):
(testProgramBytecodeCache):
(testBytecodeCacheWithSyntaxError):
(testProgramJSScriptException):
(testLoadBasicFileLegacySPI):
(+[JSContextMemoryMappedLoaderDelegate newContext]):
(-[JSContextMemoryMappedLoaderDelegate context:fetchModuleForIdentifier:withResolveHandler:andRejectHandler:]):
(testLoadBasicFile):
(+[JSContextAugmentedLoaderDelegate newContext]):
(-[JSContextAugmentedLoaderDelegate context:fetchModuleForIdentifier:withResolveHandler:andRejectHandler:]):
(testJSScriptURL):
(testObjectiveCAPI):
(testBytecodeCache): Deleted.
* API/tests/testapiScripts/foo.js: Added.
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/Completion.cpp:
(JSC::generateBytecode):
(JSC::generateModuleBytecode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241929 268f45cc-cd09-0410-ab3c-d52691b4dbfc

rniwa@webkit.org [Fri, 22 Feb 2019 02:58:40 +0000 (02:58 +0000)]
Discard cached processes when clearing website data store
https://bugs.webkit.org/show_bug.cgi?id=194894

Reviewed by Chris Dumez.

Source/WebKit:

Clear the process cache when clearing the website data store so that there is no way to infer
which site the user had visited by observing for which sites WebContent processes had been cached.

There is one subtlety in WebsiteDataStore::removeData: we have to delay the clearing of
the web process cache until the next run loop because SuspendedPageProxy::~SuspendedPageProxy
invokes WebProcessProxy::maybeShutDown in the next run loop. We also have to disable the process
cache during this time as it would otherwise trigger the responsiveness check of the WebContent process,
which can take an arbitrarily long time.

* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _processCacheCapacity]): Added for testing.
* UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::addProcess): Avoid adding web processes to the cache while the suspended
pages are being cleared.
* UIProcess/WebProcessCache.h:
(WebKit::WebProcessCache::disabled const): Added.
(WebKit::WebProcessCache::setDisabled): Added.
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::handleMemoryPressureWarning):
(WebKit::WebProcessPool::clearSuspendedPages): Added.
* UIProcess/WebProcessPool.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::removeData):

Tools:

Added a test case.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
(TestWebKitAPI.ProcessSwap.NumberOfCachedProcesses): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241928 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mark.lam@apple.com [Fri, 22 Feb 2019 02:02:32 +0000 (02:02 +0000)]
Add more doesGC() assertions.
https://bugs.webkit.org/show_bug.cgi?id=194911
<rdar://problem/48285723>

Reviewed by Saam Barati and Yusuke Suzuki.

* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::compileOSRExit):
- Set expectDoesGC here because we no longer have to worry about missing store
  barriers in optimized code after this point.  This will prevent false positive
  assertion failures arising from functions called beneath compileOSRExit().

(JSC::DFG::OSRExit::compileExit):
- Add a comment to explain why the generated ramp needs to set expectDoesGC even
  though compileOSRExit() also sets it.  Reason: compileOSRExit() is only called
  for the first OSR from this code origin, the generated ramp is called for many
  subsequent OSR exits from this code origin.

* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
- Added a comment for the equivalent reason to the one above.

(JSC::FTL::compileFTLOSRExit):
- Set expectDoesGC here because we no longer have to worry about missing store
  barriers in optimized code after this point.  This will prevent false positive
  assertion failures arising from functions called beneath compileFTLOSRExit().

* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::tryAllocateSlow):
* heap/CompleteSubspaceInlines.h:
(JSC::CompleteSubspace::allocateNonVirtual):
- assert expectDoesGC.

* heap/DeferGC.h:
(JSC::DeferGC::~DeferGC):
- assert expectDoesGC.
- Also added WTF_FORBID_HEAP_ALLOCATION to DeferGC, DeferGCForAWhile, and DisallowGC
  because all 3 should be stack allocated RAII objects.

* heap/GCDeferralContext.h:
* heap/GCDeferralContextInlines.h:
(JSC::GCDeferralContext::~GCDeferralContext):
- Added WTF_FORBID_HEAP_ALLOCATION.
- assert expectDoesGC.

* heap/Heap.cpp:
(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):
* heap/HeapInlines.h:
(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):
* heap/LargeAllocation.cpp:
(JSC::LargeAllocation::tryCreate):
* heap/LocalAllocatorInlines.h:
(JSC::LocalAllocator::allocate):
- conservatively assert expectDoesGC on these functions that may trigger a GC
  though they don't always do.

* runtime/DisallowScope.h:
- DisallowScope should be stack allocated because it's an RAII object.

* runtime/JSCellInlines.h:
(JSC::tryAllocateCellHelper):
- Remove the expectDoesGC assertion because it is now covered by assertions in
  CompleteSubspace, LargeAllocation, and LocalAllocator.

* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):
- assert expectDoesGC.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241927 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Fri, 22 Feb 2019 01:58:34 +0000 (01:58 +0000)]
Clicking "Go Back" on a safe browsing warning before a WKWebView has loaded any page should request to close the WKWebView
https://bugs.webkit.org/show_bug.cgi?id=194914
<rdar://problem/47586889>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-21
Reviewed by Geoffrey Garen.

Source/WebKit:

* UIProcess/API/APIUIClient.h:
(API::UIClient::didShowSafeBrowsingWarning):
(API::UIClient::didClickGoBackFromSafeBrowsingWarning): Deleted.
* UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
* UIProcess/Cocoa/UIDelegate.h:
* UIProcess/Cocoa/UIDelegate.mm:
(WebKit::UIDelegate::setDelegate):
(WebKit::UIDelegate::UIClient::didClickGoBackFromSafeBrowsingWarning): Deleted.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction):

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:
(-[SafeBrowsingNavigationDelegate webViewDidClose:]):
(TEST):
(-[SafeBrowsingNavigationDelegate _webViewDidClickGoBackFromSafeBrowsingWarning:]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241926 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Fri, 22 Feb 2019 01:51:32 +0000 (01:51 +0000)]
Turn a high-value UI-side-compositing assertion into a release assert
https://bugs.webkit.org/show_bug.cgi?id=194887

Reviewed by Simon Fraser.

* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:
(WebKit::PlatformCALayerRemote::recursiveBuildTransaction):
There is absolutely no situation in which this assert should fire
if WebKit is behaving correctly, and it will basically always result
in a UI process crash (or at least confusion), so make it a release assert.
This would have saved us a lot of stress in bug 194845.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241925 268f45cc-cd09-0410-ab3c-d52691b4dbfc

don.olmstead@sony.com [Fri, 22 Feb 2019 01:05:08 +0000 (01:05 +0000)]
[MSVC] Fix compilation errors with lambdas in ResourceLoadStatistics
https://bugs.webkit.org/show_bug.cgi?id=194913

Reviewed by Brent Fulgham.

MSVC has problems with the scoping of `this` within a nested lambda. To work around the
behavior the enclosing lambda's wrapping of `this` is used within the nested lambda.

* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::processStatisticsAndDataRecords):
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessGranted):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241924 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ysuzuki@apple.com [Fri, 22 Feb 2019 01:04:01 +0000 (01:04 +0000)]
[JSC] Use Fast Malloc as much as possible
https://bugs.webkit.org/show_bug.cgi?id=194316

Reviewed by Mark Lam.

We should use Fast Malloc as much as possible to offer the whole memory view to bmalloc.

* inspector/scripts/codegen/cpp_generator_templates.py:
* inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
* inspector/scripts/tests/generic/expected/enum-values.json-result:
* inspector/scripts/tests/generic/expected/events-with-optional-parameters.json-result:
* inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
* inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
* jit/ExecutableAllocator.h:
* jsc.cpp:
* runtime/JSRunLoopTimer.h:
* tools/VMInspector.h:
* wasm/WasmThunks.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241923 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ddkilzer@apple.com [Fri, 22 Feb 2019 00:03:25 +0000 (00:03 +0000)]
Leak of CFErrorRef objects (1.92 Kbytes) in com.apple.WebKit.WebContent.Development running WebKit layout tests on iOS Simulator
<https://webkit.org/b/194761>

Reviewed by Myles Maxfield.

* WebKitTestRunner/InjectedBundle/cocoa/ActivateFontsCocoa.mm:
(WTR::activateSystemCoreWebFonts): Log `error` to console if
CTFontManagerRegisterFontsForURL() fails (macOS only).  Update
to use ARC-compliant cast.
(WTR::activateFonts): Change `0` to `nullptr`.  Update to use
ARC-compliant cast.
(WTR::installFakeHelvetica): Log `error` to console if
CTFontManagerRegisterFontsForURL() fails, but only on supported
platforms (macOS Mojave/iOS 12 and newer, not iOS Simulator).
Call CFRelease() on `error` to fix the leak.  Update to use
ARC-compliant cast.
(WTR::uninstallFakeHelvetica): Update to use ARC-compliant
cast.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241920 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cdumez@apple.com [Thu, 21 Feb 2019 23:59:29 +0000 (23:59 +0000)]
Fix API test crashes after r241855.

Reviewed by Ryosuke Niwa.

* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::addProcessIfPossible):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241919 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dbates@webkit.org [Thu, 21 Feb 2019 23:54:40 +0000 (23:54 +0000)]
Same Site Lax cookies are not sent with cross-site redirect from client-initiated load
https://bugs.webkit.org/show_bug.cgi?id=194906
<rdar://problem/44305947>

Reviewed by Brent Fulgham.

Source/WebCore:

Ensure that a request for a top-level navigation is annotated as such regardless of whether
the request has a computed Same Site policy.

"New loads" initiated by the client (Safari) either by API or a human either explicitly
typing a URL in the address bar or Command + clicking a hyperlink to open it in a new window/tab
are always considered Same Site. This is by definition from the spec. [1] as we aren't navigating
from an existing page. (Command + click should be thought of as a convenience to the user from
having to copy the hyperlink's URL, create a new window, and paste the URL into the address bar).
Currently the frame loader marks a request as a top-level navigation if and only if the request
does not have a pre-computed Same Site policy. However, "New loads" have a pre-computed Same Site
policy. So, these loads would never be marked as a top-level navigation by the frame loading code.
Therefore, if the "new load" turned out to be a cross-site redirect then WebKit would incorrectly
tell the networking stack that the load was a cross-site, non-top-level navigation, and per the
Same Site spec [2], the networking stack would not send Same Site Lax cookies. Instead,
WebKit should unconditionally ensure that requests are marked as a top-level navigation, if applicable.

[1] See Note for (1) in <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.2>
[2] <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7.1>

Test: http/tests/cookies/same-site/user-load-cross-site-redirect.php

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::addExtraFieldsToRequest): Unconditionally update the request's top-
level navigation bit.
* platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::setAsIsolatedCopy): Unconditionally copy a request's top-
level navigation bit.

LayoutTests:

Add a test that is representative of a user loading a cross-site page that redirects
to a page that expects Same Site Lax cookies.

* http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt: Added.
* http/tests/cookies/same-site/user-load-cross-site-redirect.php: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241918 268f45cc-cd09-0410-ab3c-d52691b4dbfc
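
The request-annotation logic described in the commit message above, as an added example that is not code from the WebKit commit: a simplified C++ model of how skipping the top-level navigation bit for requests with a pre-computed Same Site policy causes Lax cookies to be withheld after a cross-site redirect. All type and function names here are hypothetical, and the redirect handling is reduced to flipping the same-site flag.

```cpp
#include <iostream>
#include <string>

// Hypothetical, simplified model; none of these names come from WebKit.
struct Load {
    bool clientInitiated;    // typed URL, API load, Command + click
    bool mainFrame;          // the load targets the top-level frame
    bool initiatorSameSite;  // for page-initiated loads: is the initiator same-site?
    bool crossSiteRedirect;  // the server answers with a cross-site redirect
    std::string method;
};

struct Request {
    std::string method;
    bool hasComputedSameSitePolicy = false;
    bool isSameSite = false;
    bool isTopLevelNavigation = false;
};

static bool isSafeMethod(const std::string& m)
{
    // Safe methods as defined by RFC 7231.
    return m == "GET" || m == "HEAD" || m == "OPTIONS" || m == "TRACE";
}

// Behaviour before the fix: the top-level navigation bit is only set on the
// path that also computes the Same Site policy.
static void annotateBeforeFix(Request& r, const Load& load)
{
    if (r.hasComputedSameSitePolicy)
        return; // client-initiated loads exit here with the bit still false
    r.isSameSite = load.initiatorSameSite;
    r.hasComputedSameSitePolicy = true;
    r.isTopLevelNavigation = load.mainFrame;
}

// Behaviour after the fix: the bit is updated unconditionally.
static void annotateAfterFix(Request& r, const Load& load)
{
    if (!r.hasComputedSameSitePolicy) {
        r.isSameSite = load.initiatorSameSite;
        r.hasComputedSameSitePolicy = true;
    }
    r.isTopLevelNavigation = load.mainFrame;
}

// Networking-stack side: Lax cookies go out on same-site requests, and on
// cross-site requests only for top-level navigations with a safe method.
static bool sendsLaxCookies(const Request& r)
{
    return r.isSameSite || (r.isTopLevelNavigation && isSafeMethod(r.method));
}

bool laxCookiesSent(const Load& load, bool fixedLoader)
{
    Request r;
    r.method = load.method;
    if (load.clientInitiated) {
        // "New loads" are Same Site by definition, so the policy is pre-computed.
        r.hasComputedSameSitePolicy = true;
        r.isSameSite = true;
    }
    if (fixedLoader)
        annotateAfterFix(r, load);
    else
        annotateBeforeFix(r, load);
    if (load.crossSiteRedirect)
        r.isSameSite = false; // simplification: the redirected request is cross-site
    return sendsLaxCookies(r);
}

int main()
{
    // Constructed sample loads.
    const Load userLoad { true, true, true, true, "GET" };
    const Load subframe { false, false, false, false, "GET" };
    std::cout << std::boolalpha
              << "user load + cross-site redirect, before fix: " << laxCookiesSent(userLoad, false) << "\n"
              << "user load + cross-site redirect, after fix:  " << laxCookiesSent(userLoad, true) << "\n"
              << "cross-site subframe, after fix:              " << laxCookiesSent(subframe, true) << "\n";
    return 0;
}
```
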

cdumez@apple.com [Thu, 21 Feb 2019 23:53:11 +0000 (23:53 +0000)]
Flaky API Test: TestWebKitAPI.ProcessSwap.SuspendedPageLimit
https://bugs.webkit.org/show_bug.cgi?id=194481

Reviewed by Alex Christensen.

Give the processes a chance to shut down and wait until we reached the expected number
of processes.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241917 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 21 Feb 2019 23:16:20 +0000 (23:16 +0000)]
Fix the macOS build

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241916 268f45cc-cd09-0410-ab3c-d52691b4dbfc

pvollan@apple.com [Thu, 21 Feb 2019 23:12:36 +0000 (23:12 +0000)]
Layout Test fast/text/international/khmer-selection.html is crashing
https://bugs.webkit.org/show_bug.cgi?id=191368

Reviewed by Brent Fulgham.

Source/WebCore:

GlyphBuffer's offset array wasn't getting filled by UniscribeController.
Our underlining code requires this array.

Uniscribe gives us a character -> glyph mapping, so we just have to compute
the inverse and give it to the GlyphBuffer.

This patch is written by Myles C. Maxfield.

Test: fast/text/international/khmer-selection.html.

* platform/graphics/GlyphBuffer.h:
(WebCore::GlyphBuffer::add):
* platform/graphics/displaylists/DisplayListItems.cpp:
(WebCore::DisplayList::DrawGlyphs::generateGlyphBuffer const):
* platform/graphics/win/UniscribeController.cpp:
(WebCore::UniscribeController::advance):
(WebCore::UniscribeController::itemizeShapeAndPlace):
(WebCore::UniscribeController::shapeAndPlaceItem):
* platform/graphics/win/UniscribeController.h:

LayoutTests:

* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241915 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Thu, 21 Feb 2019 23:11:58 +0000 (23:11 +0000)]
contentfiltering tests leak documents
https://bugs.webkit.org/show_bug.cgi?id=189434
<rdar://44239943>

Reviewed by Simon Fraser.

Changed ContentFilter to capture the blocked Frame as a WeakPtr to break a reference cycle.

This fixes world leaks in several tests in LayoutTests/contentfiltering/.

* bindings/js/ScriptController.h:
* loader/ContentFilter.cpp:
(WebCore::ContentFilter::didDecide):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241914 268f45cc-cd09-0410-ab3c-d52691b4dbfc

sihui_liu@apple.com [Thu, 21 Feb 2019 23:06:23 +0000 (23:06 +0000)]
IndexedDB: leak UniqueIDBDatabase in layout tests
https://bugs.webkit.org/show_bug.cgi?id=194870
<rdar://problem/48163812>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase owns a pointer to itself after it is hard closed. It should release the pointer when it
receives confirmation from clients and all pending tasks are done. UniqueIDBDatabase already checks whether the
pointer should be released when a database task finishes, but it didn't perform a check when a confirm message
is received.

No new test as the order of task completion and confirmation arrival is uncertain.

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::confirmDidCloseFromServer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241913 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 21 Feb 2019 22:55:05 +0000 (22:55 +0000)]
Fix ProcessSwap.PageOverlayLayerPersistence on macOS

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
I am a backwards.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241908 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aestes@apple.com [Thu, 21 Feb 2019 22:51:13 +0000 (22:51 +0000)]
contentfiltering tests leak documents
https://bugs.webkit.org/show_bug.cgi?id=189434
<rdar://44239943>

Reviewed by Simon Fraser.

Changed ContentFilter to capture the blocked Frame as a WeakPtr to break a reference cycle.

This fixes world leaks in several tests in LayoutTests/contentfiltering/.

* bindings/js/ScriptController.h:
* loader/ContentFilter.cpp:
(WebCore::ContentFilter::didDecide):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241906 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 21 Feb 2019 22:50:14 +0000 (22:50 +0000)]
Fix ProcessSwap.PageOverlayLayerPersistence on macOS

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
We can't find the UI-side layer on macOS because we don't use UI-side compositing.
We could force on UI-side compositing, but I feel like the test might be more
valuable exercising the normal path on each platform (though the original
bug was also UI-side specific). Though we can't validate that the overlay
layer was installed successfully, there are layout tests that do that.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241905 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dino@apple.com [Thu, 21 Feb 2019 22:36:32 +0000 (22:36 +0000)]
Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Reviewed by Simon Fraser.

Forgot the expected results file.

* animations/additive-transform-animations-expected.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241904 268f45cc-cd09-0410-ab3c-d52691b4dbfc

achristensen@apple.com [Thu, 21 Feb 2019 22:34:17 +0000 (22:34 +0000)]
API::HTTPCookieStore should expose setCookies()
https://bugs.webkit.org/show_bug.cgi?id=194861

Reviewed by Brent Fulgham.

Pass a Vector<Cookie> instead of just one cookie at a time.
This will add the ability to set multiple cookies without an IPC roundtrip per cookie.

* NetworkProcess/Cookies/WebCookieManager.cpp:
(WebKit::WebCookieManager::setCookie):
* NetworkProcess/Cookies/WebCookieManager.h:
* NetworkProcess/Cookies/WebCookieManager.messages.in:
* UIProcess/API/APIHTTPCookieStore.cpp:
(API::HTTPCookieStore::setCookies):
(API::HTTPCookieStore::setCookie): Deleted.
* UIProcess/API/APIHTTPCookieStore.h:
* UIProcess/API/Cocoa/WKHTTPCookieStore.mm:
(-[WKHTTPCookieStore setCookie:completionHandler:]):
* UIProcess/WebCookieManagerProxy.cpp:
(WebKit::WebCookieManagerProxy::setCookies):
(WebKit::WebCookieManagerProxy::setCookie): Deleted.
* UIProcess/WebCookieManagerProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241903 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Thu, 21 Feb 2019 21:43:43 +0000 (21:43 +0000)]
Move UIWebTouchEventsGestureRecognizer.activeTouchesByIdentifier to SPI
https://bugs.webkit.org/show_bug.cgi?id=194531
<rdar://problem/47714562>

Patch by Antoine Quint <graouts@apple.com> on 2019-02-21
Reviewed by Tim Horton.

Follow-up commit to ensure this SPI is only called on newer versions of iOS.

Source/WebKit:

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView cancelPointersForGestureRecognizer:]):

Source/WTF:

* wtf/Platform.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241900 268f45cc-cd09-0410-ab3c-d52691b4dbfc

timothy_horton@apple.com [Thu, 21 Feb 2019 21:34:26 +0000 (21:34 +0000)]
Crash under RemoteLayerTreePropertyApplier::applyProperties when reattaching to old process
https://bugs.webkit.org/show_bug.cgi?id=194845
<rdar://problem/47944579>

Reviewed by Antti Koivisto.

Source/WebKit:

New test: ProcessSwap.PageOverlayLayerPersistence

* Shared/RemoteLayerTree/RemoteLayerTreeTransaction.h:
(WebKit::RemoteLayerTreeTransaction::LayerProperties::notePropertiesChanged):
Keep track of all properties that have ever changed on a layer, so we
can re-send them if a layer moves between contexts.

* WebProcess/WebPage/DrawingArea.cpp:
(WebKit::DrawingArea::~DrawingArea):
(WebKit::DrawingArea::removeMessageReceiverIfNeeded):
* WebProcess/WebPage/DrawingArea.h:
(WebKit::DrawingArea::layerHostDidFlushLayers):
Make it possible to tear down DrawingArea's MessageReceiver before it is destroyed,
so that we can keep two DrawingAreas alive in a single process for a short time.

(WebKit::DrawingArea::adoptLayersFromDrawingArea):
Add adoptLayersFromDrawingArea; see below for its only useful implementation.

* WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.cpp:
(WebKit::GraphicsLayerCARemote::GraphicsLayerCARemote):
(WebKit::GraphicsLayerCARemote::~GraphicsLayerCARemote):
(WebKit::GraphicsLayerCARemote::createPlatformCALayer):
(WebKit::GraphicsLayerCARemote::createPlatformCALayerForEmbeddedView):
(WebKit::GraphicsLayerCARemote::moveToContext):
* WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.h:
Make it possible to move a GraphicsLayerCARemote between RemoteLayerTreeContexts.

* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:
(WebKit::PlatformCALayerRemote::create):
(WebKit::PlatformCALayerRemote::createForEmbeddedView):
(WebKit::PlatformCALayerRemote::~PlatformCALayerRemote):
(WebKit::PlatformCALayerRemote::moveToContext):
* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.h:
* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteCustom.mm:
(WebKit::PlatformCALayerRemoteCustom::create):
(WebKit::PlatformCALayerRemoteCustom::clone const):
Make it possible to move a PlatformCALayerRemote between RemoteLayerTreeContexts.

* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.h:
* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.mm:
(WebKit::RemoteLayerTreeContext::~RemoteLayerTreeContext):
(WebKit::RemoteLayerTreeContext::adoptLayersFromContext):
(WebKit::RemoteLayerTreeContext::layerDidEnterContext):
(WebKit::RemoteLayerTreeContext::layerWillLeaveContext):
(WebKit::RemoteLayerTreeContext::graphicsLayerDidEnterContext):
(WebKit::RemoteLayerTreeContext::graphicsLayerWillLeaveContext):
(WebKit::RemoteLayerTreeContext::layerWasCreated): Deleted.
(WebKit::RemoteLayerTreeContext::layerWillBeDestroyed): Deleted.
Keep track of all GraphicsLayerCARemote instances in the context, like we
do for PlatformCALayerRemote, so that we can update their context backpointers if needed.

Also make it possible to move all outstanding layers to a new context.

* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:
(WebKit::RemoteLayerTreeDrawingArea::adoptLayersFromDrawingArea):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::reinitializeWebPage):
When doing a DrawingArea swap, transition all layers from the old context
to the new one. In order to do this, we temporarily keep both DrawingAreas
alive, but make use of the new mechanism to remove the old one's MessageReceiver
before installing the new one, so that destroying the old one later doesn't
remove it (avoiding re-introducing bug 189481).

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241899 268f45cc-cd09-0410-ab3c-d52691b4dbfc

don.olmstead@sony.com [Thu, 21 Feb 2019 21:06:37 +0000 (21:06 +0000)]
[CMake][Win] Fix !USE(CF) build of WebCore
https://bugs.webkit.org/show_bug.cgi?id=194879

Reviewed by Konstantin Tokarev.

* PlatformAppleWin.cmake:
* PlatformWin.cmake:
* PlatformWinCairo.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241876 268f45cc-cd09-0410-ab3c-d52691b4dbfc

drousso@apple.com [Thu, 21 Feb 2019 19:59:01 +0000 (19:59 +0000)]
Web Inspector: Canvas: recordings with a single frame sometimes missing TreeElement
https://bugs.webkit.org/show_bug.cgi?id=194687

Reviewed by Joseph Pecoraro.

* UserInterface/Views/CanvasSidebarPanel.js:
(WI.CanvasSidebarPanel):
Wait until the entire `Recording` has been processed before setting the selected action.

* UserInterface/Views/CanvasSidebarPanel.css:
(.sidebar > .panel.navigation.canvas.has-recordings > .content > .recording-content):
Drive-by: ensure that the recording `TreeOutline` container element has the full height to
take advantage of for virtualization.

* UserInterface/Views/RecordingStateDetailsSidebarPanel.js:
(WI.RecordingStateDetailsSidebarPanel.prototype.set recording):
Drive-by: clear the `DataGrid` list when changing recordings since we removed all subviews.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241875 268f45cc-cd09-0410-ab3c-d52691b4dbfc

drousso@apple.com [Thu, 21 Feb 2019 18:56:36 +0000 (18:56 +0000)]
Web Inspector: DOM Debugger: node-specific event breakpoints aren't cleared/recalculated on navigation
https://bugs.webkit.org/show_bug.cgi?id=194874
<rdar://problem/48253415>

Reviewed by Joseph Pecoraro.

* UserInterface/Controllers/DOMManager.js:
(WI.DOMManager.prototype._setDocument):
(WI.DOMManager.prototype.removeBreakpointForEventListener):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241874 268f45cc-cd09-0410-ab3c-d52691b4dbfc

dino@apple.com [Thu, 21 Feb 2019 18:14:06 +0000 (18:14 +0000)]
Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Follow-up commit to ensure this change only affects newer versions
of iOS.

* wtf/Platform.h: Add a version check.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241873 268f45cc-cd09-0410-ab3c-d52691b4dbfc

drousso@apple.com [Thu, 21 Feb 2019 18:00:50 +0000 (18:00 +0000)]
Web Inspector: macOS user agent option should be available in device settings menu
https://bugs.webkit.org/show_bug.cgi?id=194885
<rdar://problem/48259253>

Reviewed by Joseph Pecoraro.

* UserInterface/Base/Main.js:
(WI._handleDeviceSettingsToolbarButtonClicked):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241870 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zalan@apple.com [Thu, 21 Feb 2019 17:58:15 +0000 (17:58 +0000)]
[LFC][Floats] Add support for placing formatting roots in-between floats.
https://bugs.webkit.org/show_bug.cgi?id=194902

Reviewed by Antti Koivisto.

Source/WebCore:

This patch adds support for placing a formatting root box in-between existing floats.
The initial vertical position of a formatting root is its static position which can make the box
placed above existing floats (whereas we can never place a regular float above existing floats.)

Test: fast/block/block-only/floats-and-block-formatting-roots.html

* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::computePositionToAvoidFloats const):
* layout/floats/FloatingContext.cpp:
(WebCore::Layout::FloatPair::LeftRightIndex::isEmpty const):
(WebCore::Layout::FloatPair::isEmpty const):
(WebCore::Layout::FloatPair::operator* const):
(WebCore::Layout::Iterator::operator* const):
(WebCore::Layout::begin):
(WebCore::Layout::end):
(WebCore::Layout::FloatingContext::positionForFloat const):
(WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
(WebCore::Layout::findAvailablePosition):
(WebCore::Layout::FloatingContext::findPositionForFloatBox const):
(WebCore::Layout::FloatingContext::findPositionForFormattingContextRoot const):
(WebCore::Layout::FloatPair::FloatPair):
(WebCore::Layout::FloatPair::left const):
(WebCore::Layout::FloatPair::right const):
(WebCore::Layout::FloatPair::intersects const):
(WebCore::Layout::FloatPair::operator == const):
(WebCore::Layout::FloatPair::horizontalConstraints const):
(WebCore::Layout::FloatPair::bottom const):
(WebCore::Layout::Iterator::operator++):
(WebCore::Layout::Iterator::set):
(WebCore::Layout::FloatingPair::isEmpty const): Deleted.
(WebCore::Layout::FloatingPair::verticalConstraint const): Deleted.
(WebCore::Layout::FloatingContext::positionForFloatAvoiding const): Deleted.
(WebCore::Layout::FloatingContext::floatingPosition const): Deleted.
(WebCore::Layout::FloatingPair::FloatingPair): Deleted.
(WebCore::Layout::FloatingPair::left const): Deleted.
(WebCore::Layout::FloatingPair::right const): Deleted.
(WebCore::Layout::FloatingPair::intersects const): Deleted.
(WebCore::Layout::FloatingPair::operator == const): Deleted.
(WebCore::Layout::FloatingPair::horizontalConstraints const): Deleted.
(WebCore::Layout::FloatingPair::bottom const): Deleted.
* layout/floats/FloatingContext.h:

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

* fast/block/block-only/floats-and-block-formatting-roots-expected.html: Added.
* fast/block/block-only/floats-and-block-formatting-roots.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241869 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed API test fix after r241855.
cdumez@apple.com [Thu, 21 Feb 2019 17:24:51 +0000 (17:24 +0000)]
Unreviewed API test fix after r241855.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::~WebProcessProxy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241868 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[WPE] Do not hardcode WPEBackend-fdo library name for linking tests
aperez@igalia.com [Thu, 21 Feb 2019 17:08:07 +0000 (17:08 +0000)]
[WPE] Do not hardcode WPEBackend-fdo library name for linking tests
https://bugs.webkit.org/show_bug.cgi?id=194901

Unreviewed build fix.

.:

* Source/cmake/FindWPEBackend-fdo.cmake: Use WPEBACKEND_FDO as prefix
for the output variables instead of WPEBackend-fdo, for consistency
with other usages of find_package_handle_standard_args().

Tools:

* TestWebKitAPI/PlatformWPE.cmake: Set TestWebKitAPIBase to be linked
against the detected ${WPEBACKEND_FDO_LIBRARIES} instead of hardcoding
WPEBackend-fdo-0.1 as library name.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241866 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoMove UIWebTouchEventsGestureRecognizer.activeTouchesByIdentifier to SPI
graouts@webkit.org [Thu, 21 Feb 2019 13:55:51 +0000 (13:55 +0000)]
Move UIWebTouchEventsGestureRecognizer.activeTouchesByIdentifier to SPI
https://bugs.webkit.org/show_bug.cgi?id=194531
<rdar://problem/47714562>

Reviewed by Dean Jackson.

* Platform/spi/ios/UIKitSPI.h:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView cancelPointersForGestureRecognizer:]): We update the referenced Radar since we need to keep the call
to respondsToSelector until the SPI has shipped for OpenSource builds to work.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241865 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK] Gardening for unexpected passes
dpino@igalia.com [Thu, 21 Feb 2019 12:29:17 +0000 (12:29 +0000)]
[GTK] Gardening for unexpected passes
https://bugs.webkit.org/show_bug.cgi?id=194854

Unreviewed test gardening.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241864 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUpdate MIME type parser
commit-queue@webkit.org [Thu, 21 Feb 2019 08:39:00 +0000 (08:39 +0000)]
Update MIME type parser
https://bugs.webkit.org/show_bug.cgi?id=180526

Patch by Rob Buis <rbuis@igalia.com> on 2019-02-21
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update improved test expectations.

* web-platform-tests/xhr/overridemimetype-blob-expected.txt:

Source/WebCore:

Further testing showed the MIME parser needs these fixes:
- stripWhitespace is wrong for removing HTTP whitespace, use
  stripLeadingAndTrailingHTTPSpaces instead.
- HTTP Token code points checking for Rfc2045 and Mimesniff were
  mixed up, use the dedicated isValidHTTPToken for Mimesniff mode.
- Quoted Strings were not unescaped/escaped, this seems ok for
  serializing but is wrong when getting individual parameter values.
  Implement [1] and [2] Step 2.4 to properly unescape and escape.

This change also tries to avoid hard to read uses of find.

Test: ParsedContentType.Serialize

[1] https://fetch.spec.whatwg.org/#collect-an-http-quoted-string
[2] https://mimesniff.spec.whatwg.org/#serializing-a-mime-type

* platform/network/ParsedContentType.cpp:
(WebCore::skipSpaces):
(WebCore::parseToken):
(WebCore::isNotQuoteOrBackslash):
(WebCore::collectHTTPQuotedString):
(WebCore::containsNonTokenCharacters):
(WebCore::parseQuotedString):
(WebCore::ParsedContentType::parseContentType):
(WebCore::ParsedContentType::create):
(WebCore::ParsedContentType::setContentType):
(WebCore::containsNonQuoteStringTokenCharacters):
(WebCore::ParsedContentType::setContentTypeParameter):
(WebCore::ParsedContentType::serialize const):
(WebCore::substringForRange): Deleted.
(WebCore::isNonTokenCharacter): Deleted.
(WebCore::isNonQuotedStringTokenCharacter): Deleted.
* platform/network/ParsedContentType.h:

Tools:

Add tests involving leading and trailing whitespace, non-token
characters and quoted strings.

* TestWebKitAPI/Tests/WebCore/ParsedContentType.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241863 268f45cc-cd09-0410-ab3c-d52691b4dbfc
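
The quoted-string handling referenced in the MIME type parser commit above ([1] and [2] Step 2.4), as an added example that is not WebKit's ParsedContentType.cpp code. It follows the two WHATWG algorithms over a plain `std::string`; the function names `collectQuotedString` and `serializeParameterValue` and the sample inputs are assumptions made for illustration.

```cpp
#include <cassert>
#include <cstddef>
#include <iostream>
#include <string>

// HTTP token code points: ASCII alphanumerics plus !#$%&'*+-.^_`|~
static bool isHTTPTokenCodePoint(unsigned char c)
{
    if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z'))
        return true;
    switch (c) {
    case '!': case '#': case '$': case '%': case '&': case '\'': case '*':
    case '+': case '-': case '.': case '^': case '_': case '`': case '|': case '~':
        return true;
    default:
        return false;
    }
}

// "Collect an HTTP quoted string" (Fetch). `position` must index the opening
// quote and is advanced past the closing quote, or to the end of input if the
// string is unterminated. With extractValue set, the unescaped value is
// returned; otherwise the raw span including quotes and backslashes.
std::string collectQuotedString(const std::string& input, size_t& position, bool extractValue)
{
    assert(position < input.size() && input[position] == '"');
    const size_t positionStart = position;
    std::string value;
    ++position; // skip the opening quote

    while (true) {
        // Copy everything up to the next quote or backslash.
        while (position < input.size() && input[position] != '"' && input[position] != '\\')
            value += input[position++];
        if (position >= input.size())
            break; // unterminated string: keep what was collected

        const char quoteOrBackslash = input[position++];
        if (quoteOrBackslash == '\\') {
            if (position >= input.size()) {
                value += '\\'; // lone trailing backslash is kept literally
                break;
            }
            value += input[position++]; // escaped code point, taken verbatim
        } else {
            break; // closing quote
        }
    }

    if (extractValue)
        return value;
    return input.substr(positionStart, position - positionStart);
}

// Step 2.4 of "serialize a MIME type" (MIME Sniffing): a parameter value that
// is empty or contains a non-token code point is emitted as a quoted string
// with every quote and backslash preceded by a backslash.
std::string serializeParameterValue(const std::string& value)
{
    bool needsQuoting = value.empty();
    for (unsigned char c : value) {
        if (!isHTTPTokenCodePoint(c)) {
            needsQuoting = true;
            break;
        }
    }
    if (!needsQuoting)
        return value;

    std::string out = "\"";
    for (char c : value) {
        if (c == '"' || c == '\\')
            out += '\\';
        out += c;
    }
    out += '"';
    return out;
}

int main()
{
    // Constructed sample: a parameter value containing an escaped quote and backslash.
    const std::string input = R"("a\"b\\c";x=1)";
    size_t position = 0;
    const std::string value = collectQuotedString(input, position, true);
    std::cout << value << " -> " << serializeParameterValue(value) << "\n";
    return 0;
}
```

Parsing with the extract-value flag and then serializing round-trips the value, which is the property the commit message says was missing when individual parameter values were read back.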

6 months ago[JSC] Remove WatchpointSet creation for SymbolTable entries if VM::canUseJIT() return...
ysuzuki@apple.com [Thu, 21 Feb 2019 05:59:53 +0000 (05:59 +0000)]
[JSC] Remove WatchpointSet creation for SymbolTable entries if VM::canUseJIT() returns false
https://bugs.webkit.org/show_bug.cgi?id=194891

Reviewed by Geoffrey Garen.

WatchpointSet in SymbolTable is used to fold the value into a constant in JIT tiers. And it is
not useful under the non-JIT mode. This patch avoids creation of WatchpointSet in SymbolTable
if VM::canUseJIT() returns false.

* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/SymbolTable.cpp:
(JSC::SymbolTableEntry::addWatchpoint): Deleted.
* runtime/SymbolTable.h:
(JSC::SymbolTableEntry::isWatchable const):
(JSC::SymbolTableEntry::watchpointSet):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241862 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION (240698): Fixed position banners flicker and move when scrolling on iOS
simon.fraser@apple.com [Thu, 21 Feb 2019 03:32:50 +0000 (03:32 +0000)]
REGRESSION (240698): Fixed position banners flicker and move when scrolling on iOS
https://bugs.webkit.org/show_bug.cgi?id=194889
rdar://problem/47755552

Reviewed by Tim Horton.

After r240698 we could commit scrolling changes for a fixed node where the "viewportRectAtLastLayout" and the layer
position were mismatched; this happened when AsyncScrollingCoordinator::reconcileScrollingState() came back from the UI process
with an unstable update and set a new layoutViewport, then some other layout triggered a compositing tree update. During the tree
update, we'd update the fixed scrolling node with the new viewport, and an old layer position.

Fix by ensuring that we only update the geometry info for a scrolling tree node when we update layer geometry for the corresponding
layer.

Not currently testable.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::updateBackingAndHierarchy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241860 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoMake programmatic frame scrolling work on iOS
antti@apple.com [Thu, 21 Feb 2019 03:28:11 +0000 (03:28 +0000)]
Make programmatic frame scrolling work on iOS
https://bugs.webkit.org/show_bug.cgi?id=194886

Reviewed by Simon Fraser.

Source/WebKit:

* UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:
(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):

Don't move based on the layout scroll position. This just overrides the user scroll position.
Remove ScrolledContentsLayer checks, we only need to deal with the ScrollContainerLayer here.

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::setScrollLayerPosition):

Scroll the UIScrollView correctly. This is called as a result of setting the RequestedScrollPosition property.
Remove scroll origin code, it doesn't look correct (and is untested).

LayoutTests:

Test by Frederic Wang.

* fast/scrolling/ios/programmatic-scroll-iframe-expected.html: Added.
* fast/scrolling/ios/programmatic-scroll-iframe.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241859 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[CMake][Win] Only build DumpRenderTree when WebKit Legacy is enabled
don.olmstead@sony.com [Thu, 21 Feb 2019 02:55:50 +0000 (02:55 +0000)]
[CMake][Win] Only build DumpRenderTree when WebKit Legacy is enabled
https://bugs.webkit.org/show_bug.cgi?id=194884

Reviewed by Michael Catanzaro.

* PlatformWin.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241858 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWeb Inspector: RTL: Scripts Timeline loading indicator has incorrect margins
commit-queue@webkit.org [Thu, 21 Feb 2019 02:45:24 +0000 (02:45 +0000)]
Web Inspector: RTL: Scripts Timeline loading indicator has incorrect margins
https://bugs.webkit.org/show_bug.cgi?id=194882

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2019-02-20
Reviewed by Matt Baker.

* UserInterface/Views/TimelineRecordingContentView.css:
(.content-view.timeline-recording > .content-browser .recording-progress > .status > .indeterminate-progress-spinner):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241857 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoURL percent-encode operations should use checked arithmetic for buffer allocation...
commit-queue@webkit.org [Thu, 21 Feb 2019 01:36:04 +0000 (01:36 +0000)]
URL percent-encode operations should use checked arithmetic for buffer allocation length
https://bugs.webkit.org/show_bug.cgi?id=194877
<rdar://problem/48212062>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Tim Horton.

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::userVisibleURL):
* wtf/cocoa/NSURLExtras.mm:
(WTF::dataWithUserTypedString):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241856 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[PSON] Make sure hung processes are not kept alive by suspended pages or process...
cdumez@apple.com [Thu, 21 Feb 2019 01:25:46 +0000 (01:25 +0000)]
[PSON] Make sure hung processes are not kept alive by suspended pages or process caching
https://bugs.webkit.org/show_bug.cgi?id=194881
<rdar://problem/48249014>

Reviewed by Geoffrey Garen.

After we construct a SuspendedPageProxy and before we send the IPC to the WebProcess to
ask it to suspend, start a 10 seconds timer. If the process does not answer the request
to suspend before the timer fires, we destroy the SuspendedPageProxy so that we do not
keep a hung process around.

For the WebProcessCache, we now call WebProcessProxy::isResponsive() on the process
before adding it to the cache. Internally, this relies on an IPC handshake with the
WebProcess. If the process is not responsive, we do not add it to the cache and we
shut it down. If it is responsive then we proceed normally with adding it to the
cache.

* UIProcess/SuspendedPageProxy.cpp:
(WebKit::SuspendedPageProxy::SuspendedPageProxy):
(WebKit::SuspendedPageProxy::didProcessRequestToSuspend):
(WebKit::SuspendedPageProxy::suspensionTimedOut):
* UIProcess/SuspendedPageProxy.h:
* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::addProcessIfPossible):
(WebKit::WebProcessCache::addProcess):
* UIProcess/WebProcessCache.h:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
(WebKit::WebProcessProxy::maybeShutDown):
(WebKit::WebProcessProxy::isResponsive):
* UIProcess/WebProcessProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241855 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAdd API test for <rdar://problem/47471222>
cdumez@apple.com [Thu, 21 Feb 2019 01:09:39 +0000 (01:09 +0000)]
Add API test for <rdar://problem/47471222>
https://bugs.webkit.org/show_bug.cgi?id=194847

Reviewed by Alex Christensen.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241854 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed build fix after r241823.
cdumez@apple.com [Thu, 21 Feb 2019 00:51:57 +0000 (00:51 +0000)]
Unreviewed build fix after r241823.

* UIProcess/SuspendedPageProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241853 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoRotation animations sometimes use the wrong origin (affects apple.com)
dino@apple.com [Thu, 21 Feb 2019 00:48:37 +0000 (00:48 +0000)]
Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Reviewed by Simon Fraser.

Source/WebCore:

Some versions of CoreAnimation apply additive animations in reverse
order. Detect this and reverse the list of animations we provide.

Update the existing animations/additive-transform-animations.html test to
be a ref-test that would identify this failure. Previously it relied on
a pixel test.

* platform/graphics/ca/GraphicsLayerCA.cpp: Use
    HAVE_CA_WHERE_ADDITIVE_TRANSFORMS_ARE_REVERSED to decide whether or
    not to flip the list of animations (and mark the correct ones as
    additive).
(WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
(WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):

Source/WTF:

* wtf/Platform.h: Add HAVE(CA_WHERE_ADDITIVE_TRANSFORMS_ARE_REVERSED).

LayoutTests:

Update an old pixel test to be a new ref test, and remove all the old platform-specific
-expected versions.

* animations/additive-transform-animations-expected.png: Removed.
* animations/additive-transform-animations.html:
* legacy-animation-engine/animations/additive-transform-animations-expected.png: Removed.
* legacy-animation-engine/animations/additive-transform-animations.html:
* platform/gtk/animations/additive-transform-animations-expected.png: Removed.
* platform/gtk/animations/additive-transform-animations-expected.txt: Removed.
* platform/gtk/legacy-animation-engine/animations/additive-transform-animations-expected.png: Removed.
* platform/gtk/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
* platform/ios/animations/additive-transform-animations-expected.txt: Removed.
* platform/ios/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
* platform/mac/animations/additive-transform-animations-expected.txt: Removed.
* platform/mac/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
* platform/win/animations/additive-transform-animations-expected.txt: Removed.
* platform/win/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
* platform/wincairo/animations/additive-transform-animations-expected.txt: Removed.
* platform/wincairo/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
* platform/wpe/animations/additive-transform-animations-expected.txt: Removed.
* platform/wpe/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241852 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[Win] Guard CF usage in RenderThemeWin
don.olmstead@sony.com [Thu, 21 Feb 2019 00:19:16 +0000 (00:19 +0000)]
[Win] Guard CF usage in RenderThemeWin
https://bugs.webkit.org/show_bug.cgi?id=194875

Reviewed by Alex Christensen.

No new tests. No change in behavior.

Add #if USE(CF) checks to RenderThemeWin so it can compile without CF support.

* rendering/RenderThemeWin.cpp:
(WebCore::RenderThemeWin::stringWithContentsOfFile):
(WebCore::RenderThemeWin::mediaControlsStyleSheet):
(WebCore::RenderThemeWin::mediaControlsScript):
* rendering/RenderThemeWin.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241851 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed, rolling out r241838.
achristensen@apple.com [Thu, 21 Feb 2019 00:12:44 +0000 (00:12 +0000)]
Unreviewed, rolling out r241838.

Broke API tests

Reverted changeset:

"Resolve WebsiteDataStore/HTTPCookieStore ref cycle"
https://bugs.webkit.org/show_bug.cgi?id=194868
https://trac.webkit.org/changeset/241838

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241850 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAdd code to validate expected GC activity modelled by doesGC() against what the runti...
mark.lam@apple.com [Thu, 21 Feb 2019 00:10:43 +0000 (00:10 +0000)]
Add code to validate expected GC activity modelled by doesGC() against what the runtime encounters.
https://bugs.webkit.org/show_bug.cgi?id=193938
<rdar://problem/47616277>

Reviewed by Michael Saboff, Saam Barati, and Robin Morisset.

In DFG::SpeculativeJIT::compile() and FTL::LowerDFGToB3::compileNode(), before
emitting code / B3IR for each DFG node, we emit a write to set Heap::m_expectDoesGC
to the value returned by doesGC() for that node.  In the runtime (i.e. in allocateCell()
and functions that can resolve a rope), we assert that Heap::m_expectDoesGC is
true.

This validation code is currently only enabled for debug builds.  It is disabled
for release builds by default, but it can easily be made to run on release builds
as well by forcing ENABLE_DFG_DOES_GC_VALIDATION to 1 in Heap.h.

To allow this validation code to run on release builds as well, the validation uses
RELEASE_ASSERT instead of ASSERT.

To ensure that Heap.h is #include'd for all files that need to do this validation
(so that the validation code is accidentally disabled), we guard the validation
code with an if conditional on constexpr bool validateDFGDoesGC (instead of using
a #if ENABLE(DFG_DOES_GC_VALIDATION)).  This way, if Heap.h isn't #include'd, the
validation code will fail to build (no silent failures).

Currently, all JSC tests and Layout tests should pass with this validation enabled
in debug builds.  We'll only see new failures if there's a regression or if new
tests reveal a previously untested code path that has an undetected issue.

* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* heap/Heap.h:
(JSC::Heap::expectDoesGC const):
(JSC::Heap::setExpectDoesGC):
(JSC::Heap::addressOfExpectDoesGC):
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_compareAndJump):
* runtime/JSCellInlines.h:
(JSC::tryAllocateCellHelper):
* runtime/JSString.h:
(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomicString const):
(JSC::JSString::toExistingAtomicString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241849 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoCrash in DOMWindowExtension::suspendForPageCache
rniwa@webkit.org [Thu, 21 Feb 2019 00:06:27 +0000 (00:06 +0000)]
Crash in DOMWindowExtension::suspendForPageCache
https://bugs.webkit.org/show_bug.cgi?id=194871

Reviewed by Chris Dumez.

This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.

We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtension's.
Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
to avoid the crash.

* page/DOMWindow.cpp:
(WebCore::DOMWindow::willDestroyCachedFrame):
(WebCore::DOMWindow::willDestroyDocumentInFrame):
(WebCore::DOMWindow::willDetachDocumentFromFrame):
(WebCore::DOMWindow::suspendForPageCache):
(WebCore::DOMWindow::resumeFromPageCache):
* page/DOMWindowExtension.cpp:
(WebCore::DOMWindowExtension::suspendForPageCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241848 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[bmalloc] bmalloc::Heap is allocated even though we use system malloc mode
ysuzuki@apple.com [Thu, 21 Feb 2019 00:03:17 +0000 (00:03 +0000)]
[bmalloc] bmalloc::Heap is allocated even though we use system malloc mode
https://bugs.webkit.org/show_bug.cgi?id=194836

Reviewed by Mark Lam.

Previously, bmalloc::Heap holds DebugHeap, and delegates allocation and deallocation to debug heap.
However, bmalloc::Heap is large. We would like to avoid initialization of bmalloc::Heap under the
system malloc mode.

This patch extracts out DebugHeap from bmalloc::Heap, and logically puts this in a boundary of
bmalloc::api. bmalloc::api delegates allocation and deallocation to DebugHeap if DebugHeap is enabled.
Otherwise, using bmalloc's usual mechanism. The challenge is that we would like to keep bmalloc fast
path fast.

1. For IsoHeaps, we use the similar techniques done in Cache. If the debug mode is enabled, we always go
   to the slow path of the IsoHeap allocation, and keep IsoTLS::get() returning nullptr. In the slow path,
   we just fall back to the usual bmalloc::api::tryMalloc implementation. This is efficient because bmalloc
   continues using the fast path.

2. For the other APIs, like freeLargeVirtual, we just put DebugHeap check because this API itself takes fair
   amount of time. Then debug heap check does not matter.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::reallocateImpl):
* bmalloc/Cache.cpp:
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
(): Deleted.
(bmalloc::debugHeap): Deleted.
* bmalloc/DebugHeap.cpp:
* bmalloc/DebugHeap.h:
(bmalloc::DebugHeap::tryGet):
* bmalloc/Heap.cpp:
(bmalloc::Heap::Heap):
(bmalloc::Heap::footprint):
(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::deallocateLarge):
* bmalloc/Heap.h:
(bmalloc::Heap::debugHeap): Deleted.
* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::IsoTLS):
(bmalloc::IsoTLS::isUsingDebugHeap): Deleted.
(bmalloc::IsoTLS::debugMalloc): Deleted.
(bmalloc::IsoTLS::debugFree): Deleted.
* bmalloc/IsoTLS.h:
* bmalloc/IsoTLSInlines.h:
(bmalloc::IsoTLS::allocateSlow):
(bmalloc::IsoTLS::deallocateSlow):
* bmalloc/ObjectType.cpp:
(bmalloc::objectType):
* bmalloc/ObjectType.h:
* bmalloc/Scavenger.cpp:
(bmalloc::Scavenger::Scavenger):
* bmalloc/bmalloc.cpp:
(bmalloc::api::tryLargeZeroedMemalignVirtual):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::scavenge):
(bmalloc::api::isEnabled):
(bmalloc::api::setScavengerThreadQOSClass):
(bmalloc::api::commitAlignedPhysical):
(bmalloc::api::decommitAlignedPhysical):
(bmalloc::api::enableMiniMode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241847 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION: [ iOS ] Layout Test editing/input/ios/rtl-keyboard-input-on-focus.html...
wenson_hsieh@apple.com [Wed, 20 Feb 2019 23:34:50 +0000 (23:34 +0000)]
REGRESSION: [ iOS ] Layout Test editing/input/ios/rtl-keyboard-input-on-focus.html is a Timeout
https://bugs.webkit.org/show_bug.cgi?id=194601
<rdar://problem/48080316>

Reviewed by Tim Horton.

Following r241311, if a web view becomes first responder and is then moved offscreen (or obscured, hidden, or in
the case of WebKitTestRunner, its UIWindow loses its status as keyWindow), we end up holding on to the input
view update deferral token indefinitely, waiting for the current focused element to be blurred or refocused.

This also manifests other user-facing bugs, the most common of which is the keyboard occasionally remaining
onscreen after typing a URL in the unified field in MobileSafari and hitting Return, in the case where there is
no autofocused element on the page.

To fix this, when becoming the first responder, additionally install a callback to detect when the page is
finished handling the activity state change, and invalidate the input deferral token then. This retains the
behavior where calling -becomeFirstResponder on the web view while a different view is focused will keep the
keyboard stable, since the focused element message from the web process should be dispatched when handling the
activity state change within the web process.

Of course, the web process may not be responsive at all while the web view is still in the view hierarchy, in
which case we may still end up deferring input view updates indefinitely. In this case, we maintain a separate
watchdog timer with a short delay, after which we unconditionally invalidate the token.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::installActivityStateChangeCompletionHandler):

Move the implementation of installActivityStateChangeCompletionHandler into cross-platform code.

* UIProcess/WebPageProxy.h:
* UIProcess/ios/WKContentView.mm:
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView cleanupInteraction]):
(-[WKContentView _cancelPreviousResetInputViewDeferralRequest]):
(-[WKContentView _scheduleResetInputViewDeferralAfterBecomingFirstResponder]):
(-[WKContentView _resetInputViewDeferral]):
(-[WKContentView becomeFirstResponderForWebView]):
(-[WKContentView resignFirstResponderForWebView]):
(-[WKContentView _commitPotentialTapFailed]):
(-[WKContentView _didNotHandleTapAsClick:]):
(-[WKContentView _didCompleteSyntheticClick]):

Funnel all existing calls that reset _inputViewDeferralToken to nullptr, such that they go through a helper
method instead that also cancels any scheduled requests to clear the token.

* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:
(WebKit::RemoteLayerTreeDrawingArea::activityStateDidChange):

Respond to all pending callbacks after handling the activity state change.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241846 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoRegression(PSON) "Reload without content extensions" does not work when the main...
cdumez@apple.com [Wed, 20 Feb 2019 23:30:03 +0000 (23:30 +0000)]
Regression(PSON) "Reload without content extensions" does not work when the main resource is blocked
https://bugs.webkit.org/show_bug.cgi?id=194872
<rdar://problem/47924500>

Reviewed by Alex Christensen.

Source/WebKit:

[WKWebView _reloadWithoutContentBlockers] relies on a ReloadOption flag that is passed to WebCore
instead of using WebsitePolicies.contentBlockersEnabled flag. If the reload causes a process swap
due to PSON, then the new process does not know about this ReloadOption and fails to honor it.

Since the modern way to do this is WebsitePolicies, and since WebsitePolicies are properly
propagated cross-process in case of process swap, this patch updates _reloadWithoutContentBlockers
to set a flag on the Navigation which we use to later set the WebsitePolicies.contentBlockersEnabled
flag in WebPageProxy::receivedNavigationPolicyDecision().

* UIProcess/API/APINavigation.h:
(API::Navigation::setUserContentExtensionsEnabled):
(API::Navigation::userContentExtensionsEnabled const):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::reload):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):

Tools:

Add API test coverage.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241845 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed, rolling out r241817.
tsavell@apple.com [Wed, 20 Feb 2019 23:26:54 +0000 (23:26 +0000)]
Unreviewed, rolling out r241817.

Caused 4 API failures

Reverted changeset:

"[GTK] Epiphany searching for plugins even if plugins are
disabled"
https://bugs.webkit.org/show_bug.cgi?id=194352
https://trac.webkit.org/changeset/241817

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241844 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAdd a git utility method that allows the caller to determine if a specific commitish...
jer.noble@apple.com [Wed, 20 Feb 2019 23:25:23 +0000 (23:25 +0000)]
Add a git utility method that allows the caller to determine if a specific commitish is within a specified range of commits.
https://bugs.webkit.org/show_bug.cgi?id=191332

Reviewed by Dean Jackson.

* Scripts/git-is-in-range: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241843 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAlways call CompletionHandlers after r240909
commit-queue@webkit.org [Wed, 20 Feb 2019 22:52:18 +0000 (22:52 +0000)]
Always call CompletionHandlers after r240909
https://bugs.webkit.org/show_bug.cgi?id=194823

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Ryosuke Niwa.

* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):
(WebCore::PolicyChecker::checkNewWindowPolicy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241842 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[Xcode] Add SDKVariant.xcconfig to various Xcode projects
aestes@apple.com [Wed, 20 Feb 2019 22:37:28 +0000 (22:37 +0000)]
[Xcode] Add SDKVariant.xcconfig to various Xcode projects
https://bugs.webkit.org/show_bug.cgi?id=194869

Rubber-stamped by Jer Noble.

Source/bmalloc:

* bmalloc.xcodeproj/project.pbxproj:

Source/JavaScriptCore:

* JavaScriptCore.xcodeproj/project.pbxproj:

Source/ThirdParty/ANGLE:

* ANGLE.xcodeproj/project.pbxproj:

Source/ThirdParty/libwebrtc:

* libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

* WebCore.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

* WebInspectorUI.xcodeproj/project.pbxproj:

Source/WebKit:

* WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy:

* WebKitLegacy.xcodeproj/project.pbxproj:

Source/WTF:

* WTF.xcodeproj/project.pbxproj:

Tools:

* DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
* ImageDiff/ImageDiff.xcodeproj/project.pbxproj:
* MiniBrowser/MiniBrowser.xcodeproj/project.pbxproj:
* MobileMiniBrowser/MobileMiniBrowser.xcodeproj/project.pbxproj:
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241841 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agodrawImage() clears the canvas if it's the source of the image and globalCompositeOper...
commit-queue@webkit.org [Wed, 20 Feb 2019 22:28:13 +0000 (22:28 +0000)]
drawImage() clears the canvas if it's the source of the image and globalCompositeOperation is "copy"
https://bugs.webkit.org/show_bug.cgi?id=194746

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-02-20
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/canvas/canvas-drawImage-composite-copy.html

If the source canvas of drawImage() is the same as the destination and
globalCompositeOperation is set to "copy", copy the srcRect from the
canvas to a temporary buffer before calling clearCanvas() then drawImage
from this temporary buffer.

* html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::drawImage):
* platform/graphics/ImageBuffer.cpp:
(WebCore::ImageBuffer::copyRectToBuffer):
* platform/graphics/ImageBuffer.h:

LayoutTests:

* fast/canvas/canvas-drawImage-composite-copy-expected.html: Added.
* fast/canvas/canvas-drawImage-composite-copy.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241840 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Added macOS Mojave builds to the WebKit Build Archives.
jond@apple.com [Wed, 20 Feb 2019 22:25:23 +0000 (22:25 +0000)]
Added macOS Mojave builds to the WebKit Build Archives.
https://bugs.webkit.org/show_bug.cgi?id=190908

Reviewed by Lucas Forschler.

* wp-content/themes/webkit/build-archives.php:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241839 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Resolve WebsiteDataStore/HTTPCookieStore ref cycle
commit-queue@webkit.org [Wed, 20 Feb 2019 22:22:17 +0000 (22:22 +0000)]
Resolve WebsiteDataStore/HTTPCookieStore ref cycle
https://bugs.webkit.org/show_bug.cgi?id=194868

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Geoffrey Garen.

* UIProcess/API/APIHTTPCookieStore.cpp:
(API::HTTPCookieStore::HTTPCookieStore):
(API::HTTPCookieStore::cookies):
(API::HTTPCookieStore::setCookie):
(API::HTTPCookieStore::deleteCookie):
(API::HTTPCookieStore::registerObserver):
(API::HTTPCookieStore::unregisterObserver):
(API::HTTPCookieStore::cookieManagerDestroyed):
(API::HTTPCookieStore::registerForNewProcessPoolNotifications):
(API::HTTPCookieStore::ref const):
(API::HTTPCookieStore::deref const):
* UIProcess/API/APIHTTPCookieStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241838 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [bmalloc] DebugHeap::malloc does not have "try" version.
ysuzuki@apple.com [Wed, 20 Feb 2019 22:22:07 +0000 (22:22 +0000)]
[bmalloc] DebugHeap::malloc does not have "try" version.
https://bugs.webkit.org/show_bug.cgi?id=194837

Reviewed by Mark Lam.

Since DebugHeap::malloc does not have "try" version, our tryAllocate implementation does not work well with DebugHeap.
This patch adds crashOnFailure flag to DebugHeap::malloc.

* bmalloc/Cache.cpp:
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
* bmalloc/DebugHeap.cpp:
(bmalloc::DebugHeap::malloc):
* bmalloc/DebugHeap.h:
* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::debugMalloc):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241837 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK2 ] REGRESSION (r231450) Layout Test http/tests/security/contentSecurityPolic...
tsavell@apple.com [Wed, 20 Feb 2019 22:22:07 +0000 (22:22 +0000)]
[ Mac WK2 ] REGRESSION (r231450) Layout Test http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194350

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/mac-wk2/TestExpectations: Marking as flaky until a fix lands

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241836 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK1 ] REGRESSION (r230006) Layout Test media/modern-media-controls/compact...
tsavell@apple.com [Wed, 20 Feb 2019 22:04:04 +0000 (22:04 +0000)]
[ Mac WK1 ] REGRESSION (r230006) Layout Test media/modern-media-controls/compact-media-controls/compact-media-controls-layout.html is a flaky text diff failure
https://bugs.webkit.org/show_bug.cgi?id=194309

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/mac-wk1/TestExpectations: Marking as flaky until a fix lands

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241835 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK2 iOS Debug ] REGRESSION (r240713) Layout Test scrollingcoordinator/scrolling...
tsavell@apple.com [Wed, 20 Feb 2019 21:49:53 +0000 (21:49 +0000)]
[ Mac WK2 iOS Debug ] REGRESSION (r240713) Layout Test scrollingcoordinator/scrolling-tree/fixed-inside-frame.html is flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194253

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/ios-wk2/TestExpectations: Marking as flaky until a fix lands
* platform/mac-wk2/TestExpectations: ditto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241834 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Attempt to fix the Apple Internal build following r241828
dbates@webkit.org [Wed, 20 Feb 2019 21:38:40 +0000 (21:38 +0000)]
Attempt to fix the Apple Internal build following r241828
(https://trac.webkit.org/changeset/241828/webkit)

Conditionally include a private header.

* pal/spi/ios/UIKitSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241833 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
ysuzuki@apple.com [Wed, 20 Feb 2019 21:30:40 +0000 (21:30 +0000)]
[bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

* bmalloc/Allocator.h:
* bmalloc/Cache.cpp:
(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
* bmalloc/Cache.h:
(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):
* bmalloc/Deallocator.h:
Ditto for Deallocator.

* bmalloc/bmalloc.cpp:
(bmalloc::api::isEnabled):
We used `getFastCase()` for Heap. But it is basically wrong since we do not have any guarantee that someone already initializes
Heap when this is called. Previously, luckily, Cache is initialized, and Cache initialized Heap. But Cache initialization is removed
for system malloc mode and now PerProcess<PerHeapKind<Heap>>::getFastCase() returns nullptr at an early phase. This patch just uses
Environment::isDebugHeapEnabled() instead.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241832 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK2 ] REGRESSION (r239333) Flaky ASSERTION FAILED: m_uncommittedState.state...
tsavell@apple.com [Wed, 20 Feb 2019 21:24:56 +0000 (21:24 +0000)]
[ Mac WK2 ] REGRESSION (r239333) Flaky ASSERTION FAILED: m_uncommittedState.state == State::Committed on http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
https://bugs.webkit.org/show_bug.cgi?id=194225

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/mac-wk2/TestExpectations: Marking as flaky while waiting for fix to land

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241831 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI...
simon.fraser@apple.com [Wed, 20 Feb 2019 21:08:44 +0000 (21:08 +0000)]
REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI.WebKit.ResizeReversePaginatedWebView test
https://bugs.webkit.org/show_bug.cgi?id=194866

Reviewed by Antti Koivisto.

r241788 removed some calls that updated layer lists (normal flow and z-order) during compositing updates, causing
a later call to RenderLayerCompositor::recursiveRepaintLayer() to assert when the lists were dirty. Fix by updating
the lists in RenderLayerCompositor::recursiveRepaintLayer(), as we do in various other places.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::recursiveRepaintLayer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241830 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [iOS] Open sandbox for specific call.
pvollan@apple.com [Wed, 20 Feb 2019 20:27:13 +0000 (20:27 +0000)]
[iOS] Open sandbox for specific call.
https://bugs.webkit.org/show_bug.cgi?id=194860
<rdar://problem/48166729>

Reviewed by Brent Fulgham.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241829 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [iOS] Tweak UI for focus rings
dbates@webkit.org [Wed, 20 Feb 2019 20:25:28 +0000 (20:25 +0000)]
[iOS] Tweak UI for focus rings
https://bugs.webkit.org/show_bug.cgi?id=194864
<rdar://problem/47831886>

Reviewed by Brent Fulgham.

Source/WebCore:

Make use of UIKit constants to make focus rings pretty.

* platform/graphics/cocoa/GraphicsContextCocoa.mm:
(WebCore::drawFocusRingAtTime):

Source/WebCore/PAL:

Expose more SPI.

* pal/ios/UIKitSoftLink.h:
* pal/ios/UIKitSoftLink.mm:
* pal/spi/ios/UIKitSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241828 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK2 ] REGRESSION (r238519) Layout Test fast/repaint/placeholder-after-caps...
tsavell@apple.com [Wed, 20 Feb 2019 19:56:14 +0000 (19:56 +0000)]
[ Mac WK2 ] REGRESSION (r238519) Layout Test fast/repaint/placeholder-after-caps-lock-hidden.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194170

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/mac-wk2/TestExpectations: Marking as flaky while waiting for fix to land

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241827 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Move API::HTTPCookieStore ownership from API::WebsiteDataStore to WebKit::WebsiteData...
achristensen@apple.com [Wed, 20 Feb 2019 19:43:44 +0000 (19:43 +0000)]
Move API::HTTPCookieStore ownership from API::WebsiteDataStore to WebKit::WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=194842

Reviewed by Geoff Garen.

We need a way to get from WebKit::WebsiteDataStore to API::HTTPCookieStore.  It can't be done before this.
This made an existing reference cycle easier to see, and we should fix it in a followup patch.

* UIProcess/API/APIWebsiteDataStore.cpp:
(API::WebsiteDataStore::httpCookieStore):
* UIProcess/API/APIWebsiteDataStore.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::cookieStore):
* UIProcess/WebsiteData/WebsiteDataStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241826 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago RenderThemeIOS should use RenderTheme's color cache instead of its own.
timothy@apple.com [Wed, 20 Feb 2019 19:28:28 +0000 (19:28 +0000)]
RenderThemeIOS should use RenderTheme's color cache instead of its own.
https://bugs.webkit.org/show_bug.cgi?id=194822
rdar://problem/48208296

Reviewed by Tim Horton.

Source/WebCore:

Tested by fast/css/apple-system-colors.html.

* css/CSSValueKeywords.in:
* css/parser/CSSPropertyParser.cpp:
(WebCore::isAppleLegacyCssValueKeyword):
* platform/graphics/Color.h:
* platform/graphics/cg/ColorCG.cpp:
(WebCore::makeRGBAFromCGColor):
(WebCore::Color::Color):
* rendering/RenderThemeIOS.h:
* rendering/RenderThemeIOS.mm:
(WebCore::RenderThemeIOS::systemColor const):
* rendering/RenderThemeMac.mm:
(WebCore::RenderThemeMac::systemColor const):

Source/WebCore/PAL:

* pal/ios/UIKitSoftLink.h:
* pal/ios/UIKitSoftLink.mm:
* pal/spi/ios/UIKitSPI.h:

LayoutTests:

* platform/ios/fast/css/apple-system-colors-expected.txt: Rebased for -apple-system-purple.
* platform/win/fast/css/apple-system-colors-expected.txt: Rebased for invalid color now
that -apple-system colors are macOS and iOS only.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241825 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Fix crash when opening Web Inspector after a WebSocket was blocked by content extensions
commit-queue@webkit.org [Wed, 20 Feb 2019 19:23:28 +0000 (19:23 +0000)]
Fix crash when opening Web Inspector after a WebSocket was blocked by content extensions
https://bugs.webkit.org/show_bug.cgi?id=194819

Patch by Loïc Yhuel <loic.yhuel@softathome.com> on 2019-02-20
Reviewed by Joseph Pecoraro.

Source/WebCore:

Test: http/tests/inspector/network/contentextensions/blocked-websocket-crash.html

* Modules/websockets/WebSocketChannel.h:
(WebCore::WebSocketChannel::hasCreatedHandshake):
* inspector/agents/page/PageNetworkAgent.cpp:
Ignore WebSocketChannel without a WebSocketHandshake, which would crash in InspectorNetworkAgent::enable.

LayoutTests:

* TestExpectations: Skip the test by default, like http/tests/contentextensions
* http/tests/inspector/network/contentextensions/blocked-websocket-crash-expected.txt: Added.
* http/tests/inspector/network/contentextensions/blocked-websocket-crash.html: Added.
* http/tests/inspector/network/contentextensions/blocked-websocket-crash.html.json: Added.
* platform/gtk/TestExpectations: Unskip the test
* platform/mac-wk2/TestExpectations: Ditto
* platform/wpe/TestExpectations: Ditto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241824 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Regression(PSON) Crash under WebKit::WebPageProxy::decidePolicyForNavigationActionSync
cdumez@apple.com [Wed, 20 Feb 2019 19:19:26 +0000 (19:19 +0000)]
Regression(PSON) Crash under WebKit::WebPageProxy::decidePolicyForNavigationActionSync
https://bugs.webkit.org/show_bug.cgi?id=194857
<rdar://problem/47759323>

Reviewed by Alex Christensen.

Source/WebKit:

The ProvisionalPageProxy was blindly forwarding the DecidePolicyForNavigationActionSync
synchronous IPC to the WebPageProxy, without passing it the process the IPC came from.
As a result, WebPageProxy::decidePolicyForNavigationActionSync() would try to look up
a WebFrameProxy using the provided frameID from the wrong process and we would end up
hitting a RELEASE_ASSERT().

* UIProcess/ProvisionalPageProxy.cpp:
(WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionSync):
(WebKit::ProvisionalPageProxy::didReceiveSyncMessage):
* UIProcess/ProvisionalPageProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSyncShared):
* UIProcess/WebPageProxy.h:

Tools:

Add API test coverage.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241823 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [LFC][Floats] Make FloatAvoider::resetPosition implicit
zalan@apple.com [Wed, 20 Feb 2019 19:15:32 +0000 (19:15 +0000)]
[LFC][Floats] Make FloatAvoider::resetPosition implicit
https://bugs.webkit.org/show_bug.cgi?id=194855

Reviewed by Antti Koivisto.

Let's compute the initial top/left position during c'tor time.
This is in preparation for fixing formatting root box placement in a float context.

* layout/floats/FloatAvoider.cpp:
(WebCore::Layout::FloatAvoider::resetPosition): Deleted.
* layout/floats/FloatAvoider.h:
(WebCore::Layout::FloatAvoider::displayBox):
(WebCore::Layout::FloatAvoider::initialVerticalPosition const): Deleted.
* layout/floats/FloatBox.cpp:
(WebCore::Layout::FloatBox::FloatBox):
(WebCore::Layout::FloatBox::initialVerticalPosition const):
* layout/floats/FloatBox.h:
* layout/floats/FloatingContext.cpp:
(WebCore::Layout::FloatingContext::floatingPosition const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241822 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [WKTR] Avoid starting new NetworkProcesses unnecessarily when running the layout...
cdumez@apple.com [Wed, 20 Feb 2019 18:34:44 +0000 (18:34 +0000)]
[WKTR] Avoid starting new NetworkProcesses unnecessarily when running the layout tests
https://bugs.webkit.org/show_bug.cgi?id=194829
<rdar://problem/47889906>

Reviewed by Alexey Proskuryakov.

Every time the TestOptions were changing we were creating both a new Web view and
a new WKContext, which would start a new Network process. In most cases, we only
need to construct a new Web view and we can keep reusing the same WKContext.
This patch implements this optimization and thus avoids spinning a lot of new
Network processes while running the layout tests.

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::generateContextConfiguration const):
(WTR::TestController::generatePageConfiguration):
(WTR::TestController::createWebViewWithOptions):
(WTR::TestController::resetPreferencesToConsistentValues):
(WTR::updateTestOptionsFromTestHeader):
* WebKitTestRunner/TestController.h:
* WebKitTestRunner/TestOptions.h:
(WTR::TestOptions::ContextOptions::hasSameInitializationOptions const):
(WTR::TestOptions::ContextOptions::shouldEnableProcessSwapOnNavigation const):
(WTR::TestOptions::hasSameInitializationOptions const):
(WTR::TestOptions::shouldEnableProcessSwapOnNavigation const): Deleted.
* WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::TestController::platformAddTestOptions const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241821 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [MSVC] Fix compilation errors with lambdas in Service Workers
don.olmstead@sony.com [Wed, 20 Feb 2019 18:23:19 +0000 (18:23 +0000)]
[MSVC] Fix compilation errors with lambdas in Service Workers
https://bugs.webkit.org/show_bug.cgi?id=194841

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. No change in behavior.

MSVC has problems with the scoping of `this` within a nested lambda. In these cases `this` is
referring to the enclosing lambda according to MSVC. This patch works around this behavior
by using the `protectedThis` pattern in WebKit code.

* workers/service/server/RegistrationDatabase.cpp:
(WebCore::RegistrationDatabase::openSQLiteDatabase):

Source/WebKit:

* WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::didReceiveRedirectResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241820 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago REGRESSION (r240727) [ Mac iOS ] Layout Test http/tests/workers/service/basic-registe...
commit-queue@webkit.org [Wed, 20 Feb 2019 18:15:00 +0000 (18:15 +0000)]
REGRESSION (r240727) [ Mac iOS ] Layout Test http/tests/workers/service/basic-register-exceptions.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=194368

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-20

* platform/ios-simulator-wk2/TestExpectations: Updating test expectations while waiting for a fix
* platform/mac-wk2/TestExpectations: ditto

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241819 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Unreviewed, rolling out r241789.
commit-queue@webkit.org [Wed, 20 Feb 2019 18:05:40 +0000 (18:05 +0000)]
Unreviewed, rolling out r241789.
https://bugs.webkit.org/show_bug.cgi?id=194856

GuardMalloc crashes (Requested by yusukesuzuki on #webkit).

Reverted changeset:

"[bmalloc] bmalloc::Cache should not be instantiated if we are
using system malloc"
https://bugs.webkit.org/show_bug.cgi?id=194811
https://trac.webkit.org/changeset/241789

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241818 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [GTK] Epiphany searching for plugins even if plugins are disabled
commit-queue@webkit.org [Wed, 20 Feb 2019 17:11:33 +0000 (17:11 +0000)]
[GTK] Epiphany searching for plugins even if plugins are disabled
https://bugs.webkit.org/show_bug.cgi?id=194352

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-20
Reviewed by Michael Catanzaro.

Check pluginsEnabled setting before trying to get plugins from UI process.

* WebProcess/Plugins/WebPluginInfoProvider.cpp:
(WebKit::WebPluginInfoProvider::populatePluginCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241817 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [WPE] Send client host fd and library name as web process creation parameters
carlosgc@webkit.org [Wed, 20 Feb 2019 14:34:51 +0000 (14:34 +0000)]
[WPE] Send client host fd and library name as web process creation parameters
https://bugs.webkit.org/show_bug.cgi?id=194494

Reviewed by Žan Doberšek.

Instead of using command line arguments. The code is simpler and we don't need wpe specific code in process
launcher glib implementation.

* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::ProcessLauncher::launchProcess):
* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::platformInitializeWebProcess):
* WebProcess/wpe/WebProcessMainWPE.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241816 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [WPE][GTK] Enable support for CONTENT_EXTENSIONS
aperez@igalia.com [Wed, 20 Feb 2019 10:16:00 +0000 (10:16 +0000)]
[WPE][GTK] Enable support for CONTENT_EXTENSIONS
https://bugs.webkit.org/show_bug.cgi?id=167941

Reviewed by Carlos Garcia Campos.

Source/WebCore:

* platform/gtk/po/POTFILES.in: Added WebKitUserContentFilterStore.cpp
to the list of files with translatable strings.

Source/WebKit:

Adds new API to manage a collection of content extensions on disk (including compilation
of new ones) using WebKitUserContentFilterStore; the associated WebKitUserContentFilter
type (which represents a compiled content extension); and the functions needed to enable
and disable them for a given WebKitUserContentManager.

The WebKitUserContentFilterStore public API is expressed in abstract terms of "saving"
filters into the store (which involves compiling the JSON source rule set); and "loading"
them back as main operations. This way we do not disclose to users of the API any detail
about compilation, nor how contents are laid out on disk, and the documentation explicitly
tells about only using the provided functions to manipulate the on-disk contents. This
way we allow ourselves some leeway if the implementation needs changing in the future.

* PlatformGTK.cmake: Added WebKitUserContentFilterStore.h to the list of public API headers.
* PlatformWPE.cmake: Ditto.
* SourcesGTK.txt: Added WebKitUserContentFilterStore.cpp
* SourcesWPE.txt: Ditto.
* UIProcess/API/glib/WebKitError.cpp: Add definition of webkit_user_content_filter_error_quark().
* UIProcess/API/glib/WebKitUserContent.cpp: Added WebKitUserContentFilter.
(_WebKitUserContentFilter::_WebKitUserContentFilter):
(webkit_user_content_filter_ref):
(webkit_user_content_filter_unref):
(webkit_user_content_filter_get_identifier):
(webkitUserContentFilterCreate):
(webkitUserContentFilterGetContentRuleList):
* UIProcess/API/glib/WebKitUserContentFilterStore.cpp: Added.
(toGError): Utility function to convert content extension error codes to GError.
(webkit_user_content_filter_store_class_init):
(webkit_user_content_filter_store_new):
(webkit_user_content_filter_store_get_path):
(webkitUserContentFilterStoreSaveBytes): Common function used as final step for all the
functions which save (compile) JSON rule sets into the store, to avoid duplicating code.
(webkit_user_content_filter_store_save):
(webkit_user_content_filter_store_save_finish):
(webkit_user_content_filter_store_save_from_file):
(webkit_user_content_filter_store_save_from_file_finish):
(webkit_user_content_filter_store_remove):
(webkit_user_content_filter_store_remove_finish):
(webkit_user_content_filter_store_load):
(webkit_user_content_filter_store_lookup_finish):
(webkit_user_content_filter_store_fetch_identifiers):
(webkit_user_content_filter_store_fetch_identifiers_finish):
* UIProcess/API/glib/WebKitUserContentManager.cpp: Added definitions for the new API
functions to add and remove filters from a user content manager.
(webkit_user_content_manager_add_filter):
(webkit_user_content_manager_remove_filter):
(webkit_user_content_manager_remove_all_filters):
* UIProcess/API/glib/WebKitUserContentPrivate.h: Added declarations for
webkitUserContentFilterCreate() and webkitUserContentFilterGetContentRuleList().
* UIProcess/API/gtk/WebKitAutocleanups.h: Added autocleanups for WebKitUserContentFilter
and WebKitUserContentFilterStore.
* UIProcess/API/gtk/WebKitError.h: Added declarations for WEBKIT_USER_CONTENT_FILTER_ERROR
plus the associated webkit_user_content_filter_error_quark() function and
WebKitUserContentFilterError enum.
* UIProcess/API/gtk/WebKitUserContent.h: Added declarations for WebKitUserContentFilter
and its associated functions.
* UIProcess/API/gtk/WebKitUserContentFilterStore.h: Added.
* UIProcess/API/gtk/WebKitUserContentManager.h: Added declarations for the functions to
add and remove filters from the user content manager.
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt: Added new API functions and types to
be included in the documentation.
* UIProcess/API/gtk/webkit2.h: Added inclusion of WebKitUserContentFilterStore.h
* UIProcess/API/wpe/WebKitError.h: Same as for the GTK port header.
* UIProcess/API/wpe/WebKitUserContent.h: Same as for the GTK port header.
* UIProcess/API/wpe/WebKitUserContentFilterStore.h: Added.
* UIProcess/API/wpe/WebKitUserContentManager.h: Same as for the GTK port header.
* UIProcess/API/wpe/docs/wpe-0.1-sections.txt: Added new API functions and types to be
included in the documentation.
* UIProcess/API/wpe/webkit.h: Added inclusion of WebKitUserContentFilterStore.h

Source/WTF:

Add specialization of the refGPtr() and derefGPtr() templates for GMappedFile.

* wtf/glib/GRefPtr.cpp:
(WTF::refGPtr): Added.
(WTF::derefGPtr): Added.
* wtf/glib/GRefPtr.h: Declare template specializations.

Tools:

* MiniBrowser/gtk/main.c:
(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.
* MiniBrowser/wpe/main.cpp:
(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.
* TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentFilterStore.cpp: Added.
(WTF::refGPtr): Added locally for WebKitUserContentFilter, as it would not be used anywhere else.
(WTF::derefGPtr): Ditto.
(testEmptyStore):
(testSaveInvalidFilter):
(testSaveLoadFilter):
(testSavedFilterIdentifierMatch):
(testRemoveFilter):
(testSaveMultipleFilters):
(testSaveFilterFromFile):
(testFilterPersistence):
(beforeAll):
(afterAll):
* TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp:
(removeOldInjectedContentAndResetLists): Also reset content filters.
(isCSSBlockedForURLAtPath): Added. Tests whether the test filter, which blocks a
CSS style sheet, has blocked the load of the CSS by looking at the resulting style of
the element affected by the style sheet.
(getUserContentFilter): Added. Stores the test filter in a WebKitUserContentFilterStore
and returns it to be used by tests.
(testUserContentManagerContentFilter): Added. Tests whether adding and removing a filter
from the WebKitUserContentManager results in a CSS style sheet being blocked.
(serverCallback): Add support for serving a CSS style sheet for testing.
(beforeAll): Add call to testUserContentManagerContentFilter().
* TestWebKitAPI/glib/CMakeLists.txt: Added TestWebKitUserContentFilterStore.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241790 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
ysuzuki@apple.com [Wed, 20 Feb 2019 01:51:50 +0000 (01:51 +0000)]
[bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

* bmalloc/Allocator.h:
* bmalloc/Cache.cpp:
(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
* bmalloc/Cache.h:
(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):
* bmalloc/Deallocator.h:
Ditto for Deallocator.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241789 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank...
simon.fraser@apple.com [Wed, 20 Feb 2019 01:39:34 +0000 (01:39 +0000)]
REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
https://bugs.webkit.org/show_bug.cgi?id=194827
rdar://problem/47620594

Reviewed by Antti Koivisto.

Source/WebCore:

Incremental compositing updates, added in r238090, use repaints as a trigger for re-evaluating
layer configurations, since a repaint implies that a layer gains painted content. This is done
via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
for the root. The configuration state that matters here is whether the layer contains painted content,
and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
and feeds into GraphicsLayer::drawsContent().

However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no effect on
the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
to always return false for the RenderView's layer (the root).

Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
respect it.

Test: compositing/visibility/root-visibility-toggle.html

* page/Frame.h:
* platform/graphics/GraphicsLayer.cpp:
(WebCore::GraphicsLayer::dumpProperties const):
* platform/graphics/GraphicsLayerClient.h:
(WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
(WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):
* rendering/RenderLayerBacking.h:
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::layerTreeAsText):
* testing/Internals.cpp:
(WebCore::toLayerTreeFlags):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)

* compositing/visibility/root-visibility-toggle-expected.txt: Added.
* compositing/visibility/root-visibility-toggle.html: Added.
* platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241788 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
joepeck@webkit.org [Wed, 20 Feb 2019 01:35:31 +0000 (01:35 +0000)]
Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
https://bugs.webkit.org/show_bug.cgi?id=172848
<rdar://problem/25709212>

Reviewed by Mark Lam.

JSTests:

* typeProfiler/inheritance.js:
Rewrite the test slightly for clarity. The hoisting was confusing.

* heapProfiler/class-names.js: Added.
(MyES5Class):
(MyES6Class):
(MyES6Subclass):
Test object types and improved class names.

* heapProfiler/driver/driver.js:
(CheapHeapSnapshotNode):
(CheapHeapSnapshot):
(createCheapHeapSnapshot):
(HeapSnapshot):
(createHeapSnapshot):
Update snapshot parsing from version 1 to version 2.

Source/JavaScriptCore:

* heap/HeapSnapshotBuilder.h:
* heap/HeapSnapshotBuilder.cpp:
Update the snapshot version. Change the node's 0 | 1 internal value
to be a 32-bit bit flag. This is nice in that it is both compatible
with the previous snapshot version and the same size. We can use more
flags in the future.

(JSC::HeapSnapshotBuilder::json):
In cases where the classInfo gives us "Object", check for a better
class name by checking (o).__proto__.constructor.name. We avoid this
check in cases where (o).hasOwnProperty("constructor") which is the
case for most Foo.prototype objects. Otherwise this would get the
name of the Foo superclass for the Foo.prototype object.

* runtime/JSObject.cpp:
(JSC::JSObject::calculatedClassName):
Handle some possible edge cases that were not handled before, such as
a JSObject without a GlobalObject or an object which doesn't
have a default getPrototype. Try to make the code a little clearer.

Source/WebInspectorUI:

* UserInterface/Workers/HeapSnapshot/HeapSnapshot.js:
(HeapSnapshot):
Support the new snapshot version. The only thing that changes are the
node flags, and it's actually completely compatible with version 1.

(HeapSnapshot.updateCategoriesAndMetadata):
List the count of object type instances in each class category.

(HeapSnapshot.prototype.serializeNode):
Include whether or not the node is an object type.

* UserInterface/Proxies/HeapSnapshotNodeProxy.js:
(WebInspector.HeapSnapshotNodeProxy):
(WebInspector.HeapSnapshotNodeProxy.deserialize):
Add a new Node isObjectType property based on the new data.

* UserInterface/Views/HeapSnapshotClassDataGridNode.js:
(WebInspector.HeapSnapshotClassDataGridNode.prototype.createCellContent):
* UserInterface/Views/HeapSnapshotClusterContentView.js:
(WebInspector.HeapSnapshotClusterContentView.iconStyleClassNameForClassName):
If a class contains 50% or more object type instances then treat it as such
instead of defaulting to native.

* UserInterface/Views/HeapSnapshotDataGridTree.js:
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.populateTopLevel):
* UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
We can be more specific than the default if the individual instance is
known to be an object type.

LayoutTests:

* inspector/unit-tests/heap-snapshot-expected.txt:
* inspector/unit-tests/heap-snapshot.html:
Update for the new node flag.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241787 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Add timing information to build output
krollin@apple.com [Wed, 20 Feb 2019 01:31:11 +0000 (01:31 +0000)]
Add timing information to build output
https://bugs.webkit.org/show_bug.cgi?id=194839
<rdar://problem/48219609>

Reviewed by Alexey Proskuryakov.

Configure xcodebuild with -ShowBuildOperationDuration, causing it to
emit each project's build time to its output. E.g.,

    ** BUILD SUCCEEDED ** [0.132 sec]

* Scripts/webkitdirs.pm:
(XcodeOptions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Unreviewed, rolling out r241784.
tsavell@apple.com [Wed, 20 Feb 2019 00:38:20 +0000 (00:38 +0000)]
Unreviewed, rolling out r241784.

Broke all OpenSource builds.

Reverted changeset:

"Web Inspector: Improve ES6 Class instances in Heap Snapshot
instances view"
https://bugs.webkit.org/show_bug.cgi?id=172848
https://trac.webkit.org/changeset/241784

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241785 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
joepeck@webkit.org [Wed, 20 Feb 2019 00:07:28 +0000 (00:07 +0000)]
Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
https://bugs.webkit.org/show_bug.cgi?id=172848
<rdar://problem/25709212>

Reviewed by Mark Lam.

JSTests:

* typeProfiler/inheritance.js:
Rewrite the test slightly for clarity. The hoisting was confusing.

* heapProfiler/class-names.js: Added.
(MyES5Class):
(MyES6Class):
(MyES6Subclass):
Test object types and improved class names.

* heapProfiler/driver/driver.js:
(CheapHeapSnapshotNode):
(CheapHeapSnapshot):
(createCheapHeapSnapshot):
(HeapSnapshot):
(createHeapSnapshot):
Update snapshot parsing from version 1 to version 2.

Source/JavaScriptCore:

* heap/HeapSnapshotBuilder.h:
* heap/HeapSnapshotBuilder.cpp:
Update the snapshot version. Change the node's 0 | 1 internal value
to be a 32-bit bit flag. This is nice in that it is both compatible
with the previous snapshot version and the same size. We can use more
flags in the future.

(JSC::HeapSnapshotBuilder::json):
In cases where the classInfo gives us "Object", check for a better
class name by checking (o).__proto__.constructor.name. We avoid this
check in cases where (o).hasOwnProperty("constructor") which is the
case for most Foo.prototype objects. Otherwise this would get the
name of the Foo superclass for the Foo.prototype object.

* runtime/JSObject.cpp:
(JSC::JSObject::calculatedClassName):
Handle some possible edge cases that were not handled before, such as
a JSObject without a GlobalObject or an object which doesn't
have a default getPrototype. Try to make the code a little clearer.

Source/WebInspectorUI:

* UserInterface/Workers/HeapSnapshot/HeapSnapshot.js:
(HeapSnapshot):
Support the new snapshot version. The only thing that changes are the
node flags, and it's actually completely compatible with version 1.

(HeapSnapshot.updateCategoriesAndMetadata):
List the count of object type instances in each class category.

(HeapSnapshot.prototype.serializeNode):
Include whether or not the node is an object type.

* UserInterface/Proxies/HeapSnapshotNodeProxy.js:
(WebInspector.HeapSnapshotNodeProxy):
(WebInspector.HeapSnapshotNodeProxy.deserialize):
Add a new Node isObjectType property based on the new data.

* UserInterface/Views/HeapSnapshotClassDataGridNode.js:
(WebInspector.HeapSnapshotClassDataGridNode.prototype.createCellContent):
* UserInterface/Views/HeapSnapshotClusterContentView.js:
(WebInspector.HeapSnapshotClusterContentView.iconStyleClassNameForClassName):
If a class contains 50% or more object type instances then treat it as such
instead of defaulting to native.

* UserInterface/Views/HeapSnapshotDataGridTree.js:
(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.populateTopLevel):
* UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:
(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
We can be more specific than the default if the individual instance is
known to be an object type.

LayoutTests:

* inspector/unit-tests/heap-snapshot-expected.txt:
* inspector/unit-tests/heap-snapshot.html:
Update for the new node flag.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241784 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago B3-O2 incorrectly optimizes this subtest
rmorisset@apple.com [Tue, 19 Feb 2019 23:27:16 +0000 (23:27 +0000)]
B3-O2 incorrectly optimizes this subtest
https://bugs.webkit.org/show_bug.cgi?id=194625

Reviewed by Saam Barati.

Trivial fix. Instead of doing
    if (!cond) foo else bar => if (cond) bar else foo
B3LowerToAir was doing
    if (x^C) foo else bar => if (cond) bar else foo whenever C&1, even if C was for example 3.

* b3/B3LowerToAir.cpp:
* b3/testb3.cpp:
(JSC::B3::testBitNotOnBooleanAndBranch32):
(JSC::B3::testNotOnBooleanAndBranch32): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241783 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Unreviewed, rolling out r241770.
commit-queue@webkit.org [Tue, 19 Feb 2019 23:18:27 +0000 (23:18 +0000)]
Unreviewed, rolling out r241770.
https://bugs.webkit.org/show_bug.cgi?id=194833

Caused crashes (Requested by smfr on #webkit).

Reverted changeset:

"Code quality cleanup in NeverDestroyed"
https://bugs.webkit.org/show_bug.cgi?id=194824
https://trac.webkit.org/changeset/241770

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241782 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago CachedCall should not consider it UNLIKELY that it will not stack overflow
rmorisset@apple.com [Tue, 19 Feb 2019 23:17:17 +0000 (23:17 +0000)]
CachedCall should not consider it UNLIKELY that it will not stack overflow
https://bugs.webkit.org/show_bug.cgi?id=194831

Reviewed by Mark Lam.

* interpreter/CachedCall.h:
(JSC::CachedCall::CachedCall):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241781 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening...
rniwa@webkit.org [Tue, 19 Feb 2019 23:07:52 +0000 (23:07 +0000)]
REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening new window
https://bugs.webkit.org/show_bug.cgi?id=194820

Reviewed by Geoffrey Garen.

Source/WebCore:

This release assertion was wrong. The invocation of PolicyChecker::checkNewWindowPolicy in FrameLoader
doesn’t require PolicyChecker's load type to be set in PolicyChecker because FrameLoader's
continueLoadAfterNewWindowPolicy invokes loadWithNavigationAction which sets the load type later,
and we don't rely on PolicyChecker's load type until then.

Fixed the crash by removing release asserts before invoking checkNewWindowPolicy accordingly.

This patch reverts r241015 since it too was asserting that PolicyChecker's load type is set before
invoking checkNewWindowPolicy which is not the right assumption.

Test: fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadPostRequest):

LayoutTests:

Added a regression test.

* fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation-expected.txt: Added.
* fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241780 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Pass rootContentsLayer to Mac remote layer tree
antti@apple.com [Tue, 19 Feb 2019 22:57:11 +0000 (22:57 +0000)]
Pass rootContentsLayer to Mac remote layer tree
https://bugs.webkit.org/show_bug.cgi?id=194828

Reviewed by Simon Fraser.

Make this code path work again.

* Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:
(ArgumentCoder<ScrollingStateFrameScrollingNode>::encode):
(ArgumentCoder<ScrollingStateFrameScrollingNode>::decode):
* UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp:
(WebKit::RemoteScrollingCoordinatorProxy::connectStateNodeLayers):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241779 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Reduce use of LegacySync IPC messages
achristensen@apple.com [Tue, 19 Feb 2019 22:51:29 +0000 (22:51 +0000)]
Reduce use of LegacySync IPC messages
https://bugs.webkit.org/show_bug.cgi?id=194783

Reviewed by Geoffrey Garen.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::handleSynchronousMessage):
* UIProcess/WebProcessPool.h:
* UIProcess/WebProcessPool.messages.in:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::getPlugins):
(WebKit::WebProcessProxy::shouldTerminate):
* UIProcess/WebProcessProxy.h:
* UIProcess/WebProcessProxy.messages.in:
* WebProcess/Plugins/PluginProcessConnection.cpp:
(WebKit::PluginProcessConnection::setException):
* WebProcess/Plugins/PluginProcessConnection.h:
* WebProcess/Plugins/PluginProcessConnection.messages.in:
* WebProcess/Plugins/PluginProxy.cpp:
(WebKit::PluginProxy::didCreatePlugin):
(WebKit::PluginProxy::didFailToCreatePlugin):
(WebKit::PluginProxy::proxiesForURL):
(WebKit::PluginProxy::cookiesForURL):
(WebKit::PluginProxy::getAuthenticationInfo):
(WebKit::PluginProxy::getPluginElementNPObject):
(WebKit::PluginProxy::evaluate):
(WebKit::PluginProxy::createPluginContainer):
* WebProcess/Plugins/PluginProxy.h:
* WebProcess/Plugins/PluginProxy.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241778 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Remove assertion introduced in r229683
achristensen@apple.com [Tue, 19 Feb 2019 22:49:13 +0000 (22:49 +0000)]
Remove assertion introduced in r229683
https://bugs.webkit.org/show_bug.cgi?id=194825
<rdar://problem/47628258>

Reviewed by Geoffrey Garen.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchWillSubmitForm):
If we reach this code and the form's original Document's Frame has been destroyed,
we have already been told to submit the form so do so, just like we do if the WebPage
has been destroyed.  This is a rare edge case having to do with the timing of Frame
destruction and decidePolicyForNavigationAction response, which unfortunately does not
reproduce with a test case unless the timing of IPC is just right.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241777 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ iOS ] Layout Tests in editing/pasteboard/data-transfer-set-data-* are flaky Timeouts
tsavell@apple.com [Tue, 19 Feb 2019 22:42:53 +0000 (22:42 +0000)]
[ iOS ] Layout Tests in editing/pasteboard/data-transfer-set-data-* are flaky Timeouts
https://bugs.webkit.org/show_bug.cgi?id=188892

Unreviewed test gardening.

* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241776 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Fix post-commit feedback.
zalan@apple.com [Tue, 19 Feb 2019 22:36:50 +0000 (22:36 +0000)]
Fix post-commit feedback.

Unreviewed.

* layout/floats/FloatingContext.cpp:
(WebCore::Layout::FloatingPair::intersects const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241775 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [LFC][Floats] Remove redundant intersecting logic
zalan@apple.com [Tue, 19 Feb 2019 22:33:43 +0000 (22:33 +0000)]
[LFC][Floats] Remove redundant intersecting logic
https://bugs.webkit.org/show_bug.cgi?id=194804

Reviewed by Antti Koivisto.

Source/WebCore:

floatAvoider.overflowsContainingBlock() check already (and properly) takes care of the far left/right case (see comment).

* layout/floats/FloatingContext.cpp:
(WebCore::Layout::FloatingContext::floatingPosition const):
(WebCore::Layout::FloatingPair::intersects const):

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241774 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac WK2 iOS ] REGRESSION (r231008) Layout Test http/tests/resourceLoadStatistics...
commit-queue@webkit.org [Tue, 19 Feb 2019 22:28:03 +0000 (22:28 +0000)]
[ Mac WK2 iOS ] REGRESSION (r231008) Layout Test http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194826

Unreviewed test gardening.

Patch by Shawn Roberts <sroberts@apple.com> on 2019-02-19

* platform/ios-wk2/TestExpectations: Marking Debug flaky while waiting for bug fix
* platform/mac-wk2/TestExpectations: Marking Mac WK2 flaky while waiting for bug fix

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241773 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Fix DFG doesGC() for TryGetById and ProfileType nodes.
mark.lam@apple.com [Tue, 19 Feb 2019 22:03:54 +0000 (22:03 +0000)]
Fix DFG doesGC() for TryGetById and ProfileType nodes.
https://bugs.webkit.org/show_bug.cgi?id=194821
<rdar://problem/48206690>

Reviewed by Saam Barati.

Fix doesGC() for the following nodes:

    ProfileType:
        calls operationProcessTypeProfilerLogDFG(), which can call calculatedClassName(),
        which can call JSString::tryGetValue(), which can resolve a rope.

    TryGetById:
        calls operationTryGetByIdOptimize(), which can startWatchingPropertyForReplacements()
        on a structure, which can allocate StructureRareData.

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241772 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Clean-up output from generate-xcfilelists so it can be filtered
dino@apple.com [Tue, 19 Feb 2019 21:47:13 +0000 (21:47 +0000)]
Clean-up output from generate-xcfilelists so it can be filtered
https://bugs.webkit.org/show_bug.cgi?id=194795

Reviewed by Joseph Pecoraro (and Keith Rollin).

Replace the "..." with "GXCF:" in generate-xcfilelists output, and
make a slight tweak to filter-build-webkit so such lines are marked
as plain.

* Scripts/filter-build-webkit:
* Scripts/generate-xcfilelists:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241771 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Code quality cleanup in NeverDestroyed
keith_miller@apple.com [Tue, 19 Feb 2019 20:45:52 +0000 (20:45 +0000)]
Code quality cleanup in NeverDestroyed
https://bugs.webkit.org/show_bug.cgi?id=194824

Reviewed by Yusuke Suzuki.

First, move data members to the end of the class per WebKit
style. Also, add forbid heap allocation since we expect the
NeverDestroyed classes to be static.

* wtf/NeverDestroyed.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241770 268f45cc-cd09-0410-ab3c-d52691b4dbfc